Huawei Ar 18-3X vulnerabilities
3 known vulnerabilities affecting huawei/ar_18-3x.
Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL2HIGH1
Vulnerabilities
Page 1 of 1
CVE-2012-6569CRITICALCVSS 9.3≤ r01182013-06-20
CVE-2012-6569 [CRITICAL] CWE-119 CVE-2012-6569: Stack-based buffer overflow in the HTTP module in the (1) Branch Intelligent Management System (BIMS
Stack-based buffer overflow in the HTTP module in the (1) Branch Intelligent Management System (BIMS) and (2) web management components on Huawei AR routers and S2000, S3000, S3500, S3900, S5100, S5600, S7800, and S8500 switches allows remote attackers to execute arbitrary code via a long URI.
nvd
CVE-2012-6570CRITICALCVSS 10.0≤ r01182013-06-20
CVE-2012-6570 [CRITICAL] CWE-119 CVE-2012-6570: The HTTP module in the (1) Branch Intelligent Management System (BIMS) and (2) web management compon
The HTTP module in the (1) Branch Intelligent Management System (BIMS) and (2) web management components on Huawei AR routers and S2000, S3000, S3500, S3900, S5100, S5600, S7800, and S8500 switches does not check whether HTTP data is longer than the value of the Content-Length field, which allows remote HTTP servers to conduct heap-based buffer over
nvd
CVE-2012-6571HIGHCVSS 7.5≤ r01182013-06-20
CVE-2012-6571 [HIGH] CWE-310 CVE-2012-6571: The HTTP module in the (1) Branch Intelligent Management System (BIMS) and (2) web management compon
The HTTP module in the (1) Branch Intelligent Management System (BIMS) and (2) web management components on Huawei AR routers and S2000, S3000, S3500, S3900, S5100, S5600, and S7800 switches uses predictable Session ID values, which makes it easier for remote attackers to hijack sessions via a brute-force attack.
nvd