VYPR

USG9500

by Huawei

CVEs (37)

  • CVE-2014-9137HigApr 2, 2017
    risk 0.57cvss 8.8epss 0.00

    Huawei USG9500 with software V200R001C01SPC800 and earlier versions, V300R001C00; USG2100 with software V300R001C00SPC900 and earlier versions; USG2200 with software V300R001C00SPC900; USG5100 with software V300R001C00SPC900 could allow an unauthenticated, remote attacker to…

  • CVE-2020-1871HigJan 3, 2020
    risk 0.53cvss 8.2epss 0.01

    USG9500 with software of V500R001C30SPC100; V500R001C30SPC200; V500R001C30SPC600; V500R001C60SPC500; V500R005C00SPC100; V500R005C00SPC200 have an improper credentials management vulnerability. The software does not properly manage certain credentials. Successful exploit could…

  • CVE-2021-22309HigMar 22, 2021
    risk 0.49cvss 7.5epss 0.01

    There is insecure algorithm vulnerability in Huawei products. A module uses less random input in a secure mechanism. Attackers can exploit this vulnerability by brute forcing to obtain sensitive message. This can lead to information leak. Affected product versions…

  • CVE-2020-1847HigNov 13, 2020
    risk 0.49cvss 7.5epss 0.01

    There is a denial of service vulnerability in some Huawei products. There is no protection against the attack scenario of specific protocol. A remote, unauthorized attackers can construct attack scenarios, which leads to denial of service.Affected product versions…

  • CVE-2019-19417HigJul 8, 2020
    risk 0.49cvss 7.5epss 0.01

    The SIP module of some Huawei products have a denial of service (DoS) vulnerability. A remote attacker could exploit these three vulnerabilities by sending the specially crafted messages to the affected device. Due to the insufficient verification of the packets, successful…

  • CVE-2019-19416HigJul 8, 2020
    risk 0.49cvss 7.5epss 0.01

    The SIP module of some Huawei products have a denial of service (DoS) vulnerability. A remote attacker could exploit these three vulnerabilities by sending the specially crafted messages to the affected device. Due to the insufficient verification of the packets, successful…

  • CVE-2019-19415HigJul 8, 2020
    risk 0.49cvss 7.5epss 0.01

    The SIP module of some Huawei products have a denial of service (DoS) vulnerability. A remote attacker could exploit these three vulnerabilities by sending the specially crafted messages to the affected device. Due to the insufficient verification of the packets, successful…

  • CVE-2020-1881HigFeb 28, 2020
    risk 0.49cvss 7.5epss 0.01

    NIP6800;Secospace USG6600;USG9500 products with versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have have a resource management error vulnerability. An attacker needs to perform specific operations to trigger a function of the affected device. Due to improper…

  • CVE-2020-1876HigFeb 28, 2020
    risk 0.49cvss 7.5epss 0.01

    NIP6800;Secospace USG6600;USG9500 with versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have an out-of-bounds write vulnerability. An unauthenticated attacker crafts malformed packets with specific parameter and sends the packets to the affected products. Due to…

  • CVE-2020-1873HigFeb 28, 2020
    risk 0.49cvss 7.5epss 0.01

    NIP6800;Secospace USG6600;USG9500 products with versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have an out-of-bounds read vulnerability. An unauthenticated attacker crafts malformed message with specific parameter and sends the message to the affected products.…

  • CVE-2020-1860HigFeb 28, 2020
    risk 0.49cvss 7.5epss 0.01

    NIP6800;Secospace USG6600;USG9500 products with versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have an access control bypass vulnerability. Attackers that can access to the internal network can exploit this vulnerability with careful deployment. Successful exploit…

  • CVE-2020-1829HigFeb 17, 2020
    risk 0.49cvss 7.5epss 0.01

    Huawei NIP6800 versions V500R001C30 and V500R001C60SPC500; and Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, and V500R001C60SPC500 have a vulnerability that the IPSec module handles a message improperly. Attackers can send specific message to cause…

  • CVE-2020-1858HigFeb 17, 2020
    risk 0.49cvss 7.5epss 0.01

    Huawei products NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00SPC100; Secospace USG6600 versions V500R001C30SPC600, V500R001C60SPC500, and V500R005C00SPC100; and USG9500 versions V500R001C30SPC600, V500R001C60SPC500, and V500R005C00SPC100 have a denial of…

  • CVE-2020-1828HigFeb 17, 2020
    risk 0.49cvss 7.5epss 0.01

    Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00; and Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00 have an input validation vulnerability where the IPSec module does not validate a field in…

  • CVE-2019-5275HigDec 26, 2019
    risk 0.49cvss 7.5epss 0.00

    USG9500 with versions of V500R001C30;V500R001C60 have a denial of service vulnerability. Due to a flaw in the X.509 implementation in the affected products which can result in a heap buffer overflow when decoding a certificate, an attacker may exploit the vulnerability by a…

  • CVE-2019-5274HigDec 26, 2019
    risk 0.49cvss 7.5epss 0.00

    USG9500 with versions of V500R001C30;V500R001C60 have a denial of service vulnerability. Due to a flaw in the X.509 implementation in the affected products which can result in an infinite loop, an attacker may exploit the vulnerability via a malicious certificate to perform a…

  • CVE-2019-5273HigDec 26, 2019
    risk 0.49cvss 7.5epss 0.00

    USG9500 with versions of V500R001C30;V500R001C60 have a denial of service vulnerability. Due to a flaw in the X.509 implementation in the affected products which can result in a large heap buffer overrun error, an attacker may exploit the vulnerability by a malicious…

  • CVE-2016-8796HigApr 2, 2017
    risk 0.49cvss 7.5epss 0.01

    Huawei USG9520 V300R001C01, USG9560 V300R001C01, and USG9580 V300R001C01 allow unauthenticated attackers to send abnormal DHCP request packets to the affected products to trigger a DoS condition.

  • CVE-2016-8278HigOct 3, 2016
    risk 0.49cvss 7.5epss 0.01

    Huawei USG9520, USG9560, and USG9580 unified security gateways with software before V300R001C01SPCa00 allow remote attackers to cause a denial of service (device restart) via an unspecified URL.

  • CVE-2020-9127MedNov 13, 2020
    risk 0.44cvss 6.7epss 0.00

    Some Huawei products have a command injection vulnerability. Due to insufficient input validation, an attacker with high privilege may inject some malicious codes in some files of the affected products. Successful exploit may cause command injection.Affected product versions…

Page 1 of 2

VYPR — Vulnerability Intelligence