Filtered by vendor Huawei Subscriptions
Total 1977 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2012-4960 1 Huawei 66 Acu, Ar 19\/29\/49, Ar G3 and 63 more 2024-11-21 N/A
The Huawei NE5000E, MA5200G, NE40E, NE80E, ATN, NE40, NE80, NE20E-X6, NE20, ME60, CX600, CX200, CX300, ACU, WLAN AC 6605, S9300, S7700, S2300, S3300, S5300, S3300HI, S5300HI, S5306, S6300, S2700, S3700, S5700, S6700, AR G3, H3C AR(OEM IN), AR 19, AR 29, AR 49, Eudemon100E, Eudemon200, Eudemon300, Eudemon500, Eudemon1000, Eudemon1000E-U/USG5300, Eudemon1000E-X/USG5500, Eudemon8080E/USG9300, Eudemon8160E/USG9300, Eudemon8000E-X/USG9500, E200E-C/USG2200, E200E-X3/USG2200, E200E-X5/USG2200, E200E-X7/USG2200, E200E-C/USG5100, E200E-X3/USG5100, E200E-X5/USG5100, E200E-X7/USG5100, E200E-B/USG2100, E200E-X1/USG2100, E200E-X2/USG2100, SVN5300, SVN2000, SVN5000, SVN3000, NIP100, NIP200, NIP1000, NIP2100, NIP2200, and NIP5100 use the DES algorithm for stored passwords, which makes it easier for context-dependent attackers to obtain cleartext passwords via a brute-force attack.
CVE-2012-3268 2 Hp, Huawei 675 0150a129, 0150a12a, 0150a12b and 672 more 2024-11-21 N/A
Certain HP Access Controller, Fabric Module, Firewall, Router, Switch, and UTM Appliance products; certain HP 3Com Access Controller, Router, and Switch products; certain HP H3C Access Controller, Firewall, Router, Switch, and Switch and Route Processing Unit products; and certain Huawei Firewall/Gateway, Router, Switch, and Wireless products do not properly implement access control as defined in h3c-user.mib 2.0 and hh3c-user.mib 2.0, which allows remote authenticated users to discover credentials in UserInfoEntry values via an SNMP request with the read-only community.
CVE-2009-4197 1 Huawei 3 Mt882 Modem, Mt882 Modem Firmware, Mt882 V100t002b020 Arg-t 2024-11-21 N/A
rpwizPppoe.htm in Huawei MT882 V100R002B020 ARG-T running firmware 3.7.9.98 contains a form that does not disable the autocomplete setting for the password parameter, which makes it easier for local users or physically proximate attackers to obtain the password from web browsers that support autocomplete.
CVE-2009-4196 1 Huawei 1 Mt882 V100t002b020 Arg-t 2024-11-21 N/A
Multiple cross-site scripting (XSS) vulnerabilities in multiple scripts in Forms/ in Huawei MT882 V100R002B020 ARG-T running firmware 3.7.9.98 allow remote attackers to inject arbitrary web script or HTML via the (1) BackButton parameter to error_1; (2) wzConnFlag parameter to fresh_pppoe_1; (3) diag_pppindex_argen and (4) DiagStartFlag parameters to rpDiag_argen_1; (5) wzdmz_active and (6) wzdmzHostIP parameters to rpNATdmz_argen_1; (7) wzVIRTUALSVR_endPort, (8) wzVIRTUALSVR_endPortLocal, (9) wzVIRTUALSVR_IndexFlag, (10) wzVIRTUALSVR_localIP, (11) wzVIRTUALSVR_startPort, and (12) wzVIRTUALSVR_startPortLocal parameters to rpNATvirsvr_argen_1; (13) Connect_DialFlag, (14) Connect_DialHidden, and (15) Connect_Flag parameters to rpStatus_argen_1; (16) Telephone_select, and (17) wzFirstFlag parameters to rpwizard_1; and (18) wzConnectFlag parameter to rpwizPppoe_1.
CVE-2009-2274 1 Huawei 1 D100 2024-11-21 N/A
The Huawei D100 allows remote attackers to obtain sensitive information via a direct request to (1) lan_status_adv.asp, (2) wlan_basic_cfg.asp, or (3) lancfg.asp in en/, related to use of JavaScript to protect against reading file contents.
CVE-2009-2273 1 Huawei 2 D100, D100 Firmware 2024-11-21 N/A
The default configuration of the Wi-Fi component on the Huawei D100 does not use encryption, which makes it easier for remote attackers to obtain sensitive information by sniffing the network.
CVE-2009-2272 1 Huawei 2 D100, D100 Firmware 2024-11-21 7.5 High
The Huawei D100 stores the administrator's account name and password in cleartext in a cookie, which allows context-dependent attackers to obtain sensitive information by (1) reading a cookie file, by (2) sniffing the network for HTTP headers, and possibly by using unspecified other vectors.
CVE-2009-2271 1 Huawei 1 D100 2024-11-21 N/A
The Huawei D100 has (1) a certain default administrator password for the web interface, and does not force a password change; and has (2) a default password of admin for the admin account in the telnet interface; which makes it easier for remote attackers to obtain access.
CVE-2007-0488 1 Huawei 1 Versatile Routing Platform 2024-11-21 N/A
The Huawei Versatile Routing Platform 1.43 2500E-003 firmware on the Quidway R1600 Router, and possibly other models, allows remote attackers to cause a denial of service (device crash) via a long show arp command.
CVE-2024-51513 1 Huawei 1 Harmonyos 2024-11-07 5.5 Medium
Vulnerability of processes not being fully terminated in the VPN module Impact: Successful exploitation of this vulnerability will affect power consumption.
CVE-2024-51522 1 Huawei 1 Harmonyos 2024-11-07 6.2 Medium
Vulnerability of improper device information processing in the device management module Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2024-51523 1 Huawei 1 Harmonyos 2024-11-07 7.1 High
Information management vulnerability in the Gallery module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-51524 1 Huawei 1 Harmonyos 2024-11-07 4 Medium
Permission control vulnerability in the Wi-Fi module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-51525 1 Huawei 1 Harmonyos 2024-11-07 6.2 Medium
Permission control vulnerability in the clipboard module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-51526 1 Huawei 1 Harmonyos 2024-11-07 8.2 High
Permission control vulnerability in the hidebug module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-51527 1 Huawei 2 Emui, Harmonyos 2024-11-07 5.1 Medium
Permission control vulnerability in the Gallery app Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-51528 1 Huawei 2 Emui, Harmonyos 2024-11-07 4 Medium
Vulnerability of improper log printing in the Super Home Screen module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-51529 1 Huawei 2 Emui, Harmonyos 2024-11-07 5.5 Medium
Data verification vulnerability in the battery module Impact: Successful exploitation of this vulnerability may affect function stability.
CVE-2024-51530 1 Huawei 2 Emui, Harmonyos 2024-11-07 6.6 Medium
LaunchAnywhere vulnerability in the account module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-51520 1 Huawei 1 Harmonyos 2024-11-07 5.5 Medium
Vulnerability of input parameters not being verified in the HDC module Impact: Successful exploitation of this vulnerability may affect availability.