VYPR
Vendor

Huawei

Huawei Technologies Co., Ltd. is a Chinese multinational corporation and technology company headquartered in Longgang, Shenzhen, Guangdong. Its main product lines include telecommunications equipment, consumer electronics, electric vehicle autonomous driving systems, and rooftop solar power products. The company was founded in Shenzhen in 1987 by Ren Zhengfei, a veteran officer of the People's Liberation Army (PLA).

Founded 1987
Products
964
CVEs
2,254
Across products
2,570
Status
Private

Products

964
View all 964 products →

Recent CVEs

2,254
View all 2,254 CVEs →
  • CVE-2017-14491CriOct 4, 2017
    risk 0.73cvss 9.8epss 0.85

    Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response.

  • CVE-2017-17215HigMar 20, 2018
    risk 0.66cvss 8.8epss 0.79

    Huawei HG532 with some customized versions has a remote code execution vulnerability. An authenticated attacker could send malicious packets to port 37215 to launch attacks. Successful exploit could lead to the remote execution of arbitrary code.

  • CVE-2017-17301CriFeb 15, 2018
    risk 0.64cvss 9.8epss 0.01

    Huawei AR120-S V200R005C32, V200R006C10, V200R007C00, V200R008C20, AR1200 V200R005C20, V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, AR1200-S V200R005C32, V200R006C10, V200R007C00, V200R008C20, AR150 V200R006C10, V200R007C00, V200R007C01,…

  • CVE-2017-8129CriNov 22, 2017
    risk 0.64cvss 9.8epss 0.01

    The UMA product with software V200R001 and V300R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of parameters. An attacker could craft specific packets to exploit these vulnerabilities to gain elevated privileges.

  • CVE-2017-8128CriNov 22, 2017
    risk 0.64cvss 9.8epss 0.01

    The UMA product with software V200R001 and V300R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of parameters. An attacker could craft specific packets to exploit these vulnerabilities to gain elevated privileges.

  • CVE-2017-8126CriNov 22, 2017
    risk 0.64cvss 9.8epss 0.01

    The UMA product with software V200R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of parameters. An attacker could craft specific packets to exploit these vulnerabilities to gain elevated privileges.

  • CVE-2017-8124CriNov 22, 2017
    risk 0.64cvss 9.8epss 0.01

    The UMA product with software V200R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of parameters. An attacker could craft specific packets to exploit these vulnerabilities to gain elevated privileges.

  • CVE-2017-8123CriNov 22, 2017
    risk 0.64cvss 9.8epss 0.01

    The UMA product with software V200R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of parameters. An attacker could craft specific packets to exploit these vulnerabilities to gain elevated privileges.

  • CVE-2017-8122CriNov 22, 2017
    risk 0.64cvss 9.8epss 0.01

    The UMA product with software V200R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of parameters. An attacker could craft specific packets to exploit these vulnerabilities to gain elevated privileges.

  • CVE-2017-8120CriNov 22, 2017
    risk 0.64cvss 9.8epss 0.01

    The UMA product with software V200R001 and V300R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of parameters. An attacker could craft specific packets to exploit these vulnerabilities to gain elevated privileges.

  • CVE-2017-8119CriNov 22, 2017
    risk 0.64cvss 9.8epss 0.01

    The UMA product with software V200R001 and V300R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of parameters. An attacker could craft specific packets to exploit these vulnerabilities to gain elevated privileges.

  • CVE-2017-8117CriNov 22, 2017
    risk 0.64cvss 9.8epss 0.01

    The UMA product with software V200R001 and V300R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of parameters. An attacker could craft specific packets to exploit these vulnerabilities to gain elevated privileges.

  • CVE-2017-2738CriNov 22, 2017
    risk 0.64cvss 9.8epss 0.03

    VCM5010 with software versions earlier before V100R002C50SPC100 has an authentication bypass vulnerability. This is due to improper implementation of authentication for accessing web pages. An unauthenticated attacker could bypass the authentication by sending a crafted HTTP…

  • CVE-2017-0828CriOct 4, 2017
    risk 0.64cvss 9.8epss 0.00

    An elevation of privilege vulnerability in the Huawei bootloader. Product: Android. Versions: Android kernel. Android ID: A-34622855.

  • CVE-2015-7841CriOct 3, 2017
    risk 0.64cvss 9.8epss 0.02

    The login page of the server on Huawei FusionServer rack servers RH2288 V3 with software before V100R003C00SPC603, RH2288H V3 with software before V100R003C00SPC503, XH628 V3 with software before V100R003C00SPC602, RH1288 V3 with software before V100R003C00SPC602, RH2288A V2…

  • CVE-2015-4629CriSep 7, 2017
    risk 0.64cvss 9.8epss 0.02

    Huawei E5756S before V200R002B146D23SP00C00 allows remote attackers to read device configuration information, enable PIN/PUK authentication, and perform other unspecified actions.

  • CVE-2017-3216CriJun 20, 2017
    risk 0.64cvss 9.8epss 0.05

    WiMAX routers based on the MediaTek SDK (libmtk) that use a custom httpd plugin are vulnerable to an authentication bypass allowing a remote, unauthenticated attacker to gain administrator access to the device by performing an administrator password change on the device via a…

  • CVE-2014-9693CriApr 2, 2017
    risk 0.64cvss 9.8epss 0.01

    Huawei Tecal RH1288 V2 V100R002C00SPC107 and earlier versions, Tecal RH2265 V2 V100R002C00, Tecal RH2285 V2 V100R002C00SPC115 and earlier versions, Tecal RH2265 V2 V100R002C00, Tecal RH2285H V2 V100R002C00SPC111 and earlier versions, Tecal RH2268 V2 V100R002C00, Tecal RH2288 V2…

  • CVE-2016-6206CriMar 24, 2017
    risk 0.64cvss 9.8epss 0.04

    Huawei AR3200 routers with software before V200R007C00SPC600 allow remote attackers to cause a denial of service or execute arbitrary code via a crafted packet.

  • CVE-2016-8276CriOct 3, 2016
    risk 0.64cvss 9.8epss 0.06

    Buffer overflow in the Point-to-Point Protocol over Ethernet (PPPoE) module in Huawei USG2100, USG2200, USG5100, and USG5500 unified security gateways with software before V300R001C10SPC600, when CHAP authentication is configured on the server, allows remote attackers to cause a…