High severity8.8NVD Advisory· Published Apr 2, 2017· Updated May 13, 2026

CVE-2014-9137

Description

Huawei USG9500 with software V200R001C01SPC800 and earlier versions, V300R001C00; USG2100 with software V300R001C00SPC900 and earlier versions; USG2200 with software V300R001C00SPC900; USG5100 with software V300R001C00SPC900 could allow an unauthenticated, remote attacker to conduct a CSRF attack against the user of the web interface.

Affected products

Huawei/Fusionmanager2 versions
cpe:2.3:a:huawei:fusionmanager:v100r002c03:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:huawei:fusionmanager:v100r002c03:*:*:*:*:*:*:*
- cpe:2.3:a:huawei:fusionmanager:v100r003c00:*:*:*:*:*:*:*
Huawei/Usg2100 Firmware
cpe:2.3:o:huawei:usg2100_firmware:*:*:*:*:*:*:*:*
Range: <=v300r001c00spc900
Huawei/Usg2200 Firmware
cpe:2.3:o:huawei:usg2200_firmware:*:*:*:*:*:*:*:*
Range: <=v300r001c00spc900
Huawei/Usg5100 Firmware
cpe:2.3:o:huawei:usg5100_firmware:*:*:*:*:*:*:*:*
Range: <=v300r001c00spc900
Huawei/Usg5500 Firmware
cpe:2.3:o:huawei:usg5500_firmware:*:*:*:*:*:*:*:*
Range: <=v300r001c00spc900
Huawei/Usg9500 Firmware2 versions
cpe:2.3:o:huawei:usg9500_firmware:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:huawei:usg9500_firmware:*:*:*:*:*:*:*:*range: <=v200r001c01spc800
- cpe:2.3:o:huawei:usg9500_firmware:v300r001c00:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.huawei.com/en/psirt/security-advisories/hw-372186nvdVendor Advisory

News mentions

No linked articles in our index yet.

cvss	0.572
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000