cbcvebase.
CVE-2019-5291
published 2019-12-13

CVE-2019-5291: Some Huawei products have an insufficient verification of data authenticity vulnerability. A remote, unauthenticated attacker has to intercept specific packets…

medium5.9CVSS 3.1
AVNACHPRNUINSUCNINAH
Some Huawei products have an insufficient verification of data authenticity vulnerability. A remote, unauthenticated attacker has to intercept specific packets between two devices, modify the packets, and send the modified packets to the peer device. Due to insufficient verification of some fields in the packets, an attacker may exploit the vulnerability to cause the target device to be abnormal.

Affected

69 ranges· showing 25
VendorProductVersion rangeFixed in
huaweiar120-s_firmware
huaweiar120-s_firmware
huaweiar120-s_firmware
huaweiar120-s_firmware
huaweiar1200-s_firmware
huaweiar1200-s_firmware
huaweiar1200-s_firmware
huaweiar1200-s_firmware
huaweiar1200_firmware
huaweiar1200_firmware
huaweiar1200_firmware
huaweiar1200_firmware
huaweiar150-s_firmware
huaweiar150-s_firmware
huaweiar150-s_firmware
huaweiar150-s_firmware
huaweiar150_firmware
huaweiar150_firmware
huaweiar150_firmware
huaweiar150_firmware
huaweiar160_firmware
huaweiar160_firmware
huaweiar160_firmware
huaweiar160_firmware
huaweiar200-s_firmware