VYPR
High severity8.8NVD Advisory· Published Apr 2, 2017· Updated Jun 17, 2026

CVE-2014-9137

CVE-2014-9137

Description

Huawei USG9500 with software V200R001C01SPC800 and earlier versions, V300R001C00; USG2100 with software V300R001C00SPC900 and earlier versions; USG2200 with software V300R001C00SPC900; USG5100 with software V300R001C00SPC900 could allow an unauthenticated, remote attacker to conduct a CSRF attack against the user of the web interface.

Affected products

12
  • cpe:2.3:a:huawei:fusionmanager:v100r002c03:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:huawei:fusionmanager:v100r002c03:*:*:*:*:*:*:*
    • cpe:2.3:a:huawei:fusionmanager:v100r003c00:*:*:*:*:*:*:*
  • cpe:2.3:o:huawei:usg2100_firmware:*:*:*:*:*:*:*:*
    Range: <=v300r001c00spc900
  • cpe:2.3:o:huawei:usg2200_firmware:*:*:*:*:*:*:*:*
    Range: <=v300r001c00spc900
  • cpe:2.3:o:huawei:usg5100_firmware:*:*:*:*:*:*:*:*
    Range: <=v300r001c00spc900
  • cpe:2.3:o:huawei:usg5500_firmware:*:*:*:*:*:*:*:*
    Range: <=v300r001c00spc900
  • cpe:2.3:o:huawei:usg9500_firmware:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:huawei:usg9500_firmware:*:*:*:*:*:*:*:*range: <=v200r001c01spc800
    • cpe:2.3:o:huawei:usg9500_firmware:v300r001c00:*:*:*:*:*:*:*
  • Huawei/USG9500llm-fuzzy
    Range: <=V200R001C01SPC800, V300R001C00
  • Huawei/USG2100llm-fuzzy
    Range: <=V300R001C00SPC900
  • Huawei/USG2200llm-fuzzy
    Range: <=V300R001C00SPC900
  • Huawei/USG5100llm-fuzzy
    Range: <=V300R001C00SPC900

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.