|
249881
|
8.8 |
HIGH
Network
|
huawei
|
hedex_lite
|
HedEx Earlier than V200R006C00 versions has a cross-site request forgery (CSRF) vulnerability. An attacker could trick a user into accessing a website containing malicious scripts which may tamper wi…
|
CWE-352
Origin Validation Error
|
CVE-2017-8138
|
2024-11-21 12:33 |
2017-11-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249882
|
7.8 |
HIGH
Local
|
huawei
|
hedex_lite
|
HedEx Earlier than V200R006C00 versions has a dynamic link library (DLL) hijacking vulnerability due to calling the DDL file by accessing a relative path. An attacker could exploit this vulnerability…
|
CWE-426
Untrusted Search Path
|
CVE-2017-8137
|
2024-11-21 12:33 |
2017-11-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249883
|
5.5 |
MEDIUM
Local
|
huawei
|
hedex_lite
|
HedEx Earlier than V200R006C00 versions has an arbitrary file download vulnerability. An attacker could exploit it to download arbitrary files on a target device to cause information leak.
|
CWE-200
Information Exposure
|
CVE-2017-8136
|
2024-11-21 12:33 |
2017-11-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249884
|
8.8 |
HIGH
Adjacent
|
huawei
|
fusionsphere_openstack
|
The FusionSphere OpenStack with software V100R006C00 and V100R006C10 has a command injection vulnerability due to the insufficient input validation on four TCP listening ports. An unauthenticated att…
|
CWE-77
Command Injection
|
CVE-2017-8135
|
2024-11-21 12:33 |
2017-11-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249885
|
8.8 |
HIGH
Adjacent
|
huawei
|
fusionsphere_openstack
|
The FusionSphere OpenStack with software V100R006C00 and V100R006C10 has a command injection vulnerability due to the insufficient input validation on four TCP listening ports. An unauthenticated att…
|
CWE-77
Command Injection
|
CVE-2017-8134
|
2024-11-21 12:33 |
2017-11-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249886
|
8.8 |
HIGH
Network
|
huawei
|
neteco
|
Huawei iManager NetEco with software V600R008C00 and V600R008C10 has a command injection vulnerability. An authenticated, remote attacker could exploit this vulnerability to send malicious packets to…
|
CWE-77
Command Injection
|
CVE-2017-8133
|
2024-11-21 12:33 |
2017-11-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249887
|
8.8 |
HIGH
Adjacent
|
huawei
|
fusionsphere_openstack
|
The FusionSphere OpenStack with software V100R006C00 and V100R006C10 has a command injection vulnerability due to the insufficient input validation on four TCP listening ports. An unauthenticated att…
|
CWE-77
Command Injection
|
CVE-2017-8132
|
2024-11-21 12:33 |
2017-11-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249888
|
8.8 |
HIGH
Adjacent
|
huawei
|
fusionsphere_openstack
|
The FusionSphere OpenStack with software V100R006C00 and V100R006C10 has a command injection vulnerability due to the insufficient input validation on four TCP listening ports. An unauthenticated att…
|
CWE-77
Command Injection
|
CVE-2017-8131
|
2024-11-21 12:33 |
2017-11-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249889
|
6.5 |
MEDIUM
Network
|
huawei
|
uma
|
The UMA product with software V200R001 and V300R001 has an information leak vulnerability. An attacker could exploit them to obtain some sensitive information, causing information leak.
|
CWE-200
Information Exposure
|
CVE-2017-8130
|
2024-11-21 12:33 |
2017-11-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249890
|
9.8 |
CRITICAL
Network
|
huawei
|
uma
|
The UMA product with software V200R001 and V300R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of parameters. An attacker could craft specific packe…
|
CWE-20
Improper Input Validation
|
CVE-2017-8129
|
2024-11-21 12:33 |
2017-11-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
