Huawei S5700 Firmware vulnerabilities
44 known vulnerabilities affecting huawei/s5700_firmware.
Total CVEs
44
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH23MEDIUM20LOW1
Vulnerabilities
Page 2 of 3
CVE-2017-17136MEDIUMCVSS 5.5vv200r006c00vv200r007c00+3 more2018-03-05
CVE-2017-17136 [MEDIUM] CWE-119 CVE-2017-17136: PEM module of Huawei DP300 V500R002C00; IPS Module V500R001C00; V500R001C30; NGFW Module V500R001C00
PEM module of Huawei DP300 V500R002C00; IPS Module V500R001C00; V500R001C30; NGFW Module V500R001C00; V500R002C00; NIP6300 V500R001C00; V500R001C30; NIP6600 V500R001C00; V500R001C30; RP200 V500R002C00; V600R006C00; S12700 V200R007C00; V200R007C01; V200R008C00; V200R009C00; V200R010C00; S1700 V200R006C10; V200R009C00; V200R010C00; S2700 V200R006C10;
nvd
CVE-2017-17135MEDIUMCVSS 5.5vv200r006c00vv200r007c00+3 more2018-03-05
CVE-2017-17135 [MEDIUM] CWE-476 CVE-2017-17135: PEM module of Huawei DP300 V500R002C00; IPS Module V500R001C00; V500R001C30; NGFW Module V500R001C00
PEM module of Huawei DP300 V500R002C00; IPS Module V500R001C00; V500R001C30; NGFW Module V500R001C00; V500R002C00; NIP6300 V500R001C00; V500R001C30; NIP6600 V500R001C00; V500R001C30; RP200 V500R002C00; V600R006C00; S12700 V200R007C00; V200R007C01; V200R008C00; V200R009C00; V200R010C00; S1700 V200R006C10; V200R009C00; V200R010C00; S2700 V200R006C10;
nvd
CVE-2017-17137MEDIUMCVSS 5.5vv200r006c00vv200r007c00+3 more2018-03-05
CVE-2017-17137 [MEDIUM] CWE-125 CVE-2017-17137: PEM module of Huawei DP300 V500R002C00; IPS Module V500R001C00; V500R001C30; NGFW Module V500R001C00
PEM module of Huawei DP300 V500R002C00; IPS Module V500R001C00; V500R001C30; NGFW Module V500R001C00; V500R002C00; NIP6300 V500R001C00; V500R001C30; NIP6600 V500R001C00; V500R001C30; RP200 V500R002C00; V600R006C00; S12700 V200R007C00; V200R007C01; V200R008C00; V200R009C00; V200R010C00; S1700 V200R006C10; V200R009C00; V200R010C00; S2700 V200R006C10;
nvd
CVE-2017-17138MEDIUMCVSS 5.5vv200r006c00vv200r007c00+3 more2018-03-05
CVE-2017-17138 [MEDIUM] CWE-20 CVE-2017-17138: PEM module of DP300 V500R002C00; IPS Module V500R001C00; V500R001C30; NGFW Module V500R001C00; V500R
PEM module of DP300 V500R002C00; IPS Module V500R001C00; V500R001C30; NGFW Module V500R001C00; V500R002C00; NIP6300 V500R001C00; V500R001C30; NIP6600 V500R001C00; V500R001C30; RP200 V500R002C00; V600R006C00; S12700 V200R007C00; V200R007C01; V200R008C00; V200R009C00; V200R010C00; S1700 V200R006C10; V200R009C00; V200R010C00; S2700 V200R006C10; V200R007
nvd
CVE-2017-17141LOWCVSS 3.7vv200r001c00vv200r001c01+11 more2018-03-05
CVE-2017-17141 [LOW] CWE-772 CVE-2017-17141: Huawei S12700 V200R005C00; V200R006C00; V200R007C00; V200R007C01; V200R007C20; V200R008C00; V200R009
Huawei S12700 V200R005C00; V200R006C00; V200R007C00; V200R007C01; V200R007C20; V200R008C00; V200R009C00;S1700 V200R006C10; V200R009C00;S2700 V100R006C03; V200R003C00; V200R005C00; V200R006C00; V200R006C10; V200R007C00; V200R007C00B050; V200R007C00SPC009T; V200R007C00SPC019T; V200R008C00; V200R009C00;S3700 V100R006C03;S5700 V200R001C00; V200R001C01; V20
nvd
CVE-2017-17165HIGHCVSS 7.5vv200r003c00vv200r003c00spc316t+10 more2018-02-15
CVE-2017-17165 [HIGH] CWE-125 CVE-2017-17165: IPv6 function in Huawei Quidway S2700 V200R003C00SPC300, Quidway S5300 V200R003C00SPC300, Quidway S5
IPv6 function in Huawei Quidway S2700 V200R003C00SPC300, Quidway S5300 V200R003C00SPC300, Quidway S5700 V200R003C00SPC300, S2300 V200R003C00, V200R003C00SPC300T, V200R005C00, V200R006C00, V200R007C00, V200R008C00, V200R009C00, S2700 V200R005C00, V200R006C00, V200R007C00, V200R008C00, V200R009C00, S5300 V200R003C00, V200R003C00SPC300T, V200R003C00SPC60
nvd
CVE-2017-17300HIGHCVSS 7.5vv200r007c00vv200r008c00+1 more2018-02-15
CVE-2017-17300 [HIGH] CWE-20 CVE-2017-17300: Huawei S12700 V200R008C00, V200R009C00, S5700 V200R007C00, V200R008C00, V200R009C00, S6700 V200R008C
Huawei S12700 V200R008C00, V200R009C00, S5700 V200R007C00, V200R008C00, V200R009C00, S6700 V200R008C00, V200R009C00, S7700 V200R008C00, V200R009C00, S9700 V200R008C00, V200R009C00 have a numeric errors vulnerability. An unauthenticated, remote attacker may send specific TCP messages with keychain authentication option to the affected products. Due to t
nvd
CVE-2017-15346MEDIUMCVSS 4.7vv200r001c00vv200r002c00+8 more2018-02-15
CVE-2017-15346 [MEDIUM] CWE-20 CVE-2017-15346: XML parser in Huawei S12700 V200R005C00,S1700 V200R009C00, V200R010C00,S3700 V100R006C03, V100R006C0
XML parser in Huawei S12700 V200R005C00,S1700 V200R009C00, V200R010C00,S3700 V100R006C03, V100R006C05,S5700 V200R001C00, V200R002C00, V200R003C00, V200R003C02, V200R005C00, V200R006C00, V200R007C00, V200R008C00, V200R009C00, V200R010C00,S6700 V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200R005C02, V200R008C00, V200R009C00, V200R010C00,S7700
nvd
CVE-2017-15333MEDIUMCVSS 4.7vv200r001c00vv200r002c00+8 more2018-02-15
CVE-2017-15333 [MEDIUM] CWE-20 CVE-2017-15333: XML parser in Huawei S12700 V200R005C00,S1700 V200R009C00, V200R010C00,S3700 V100R006C03, V100R006C0
XML parser in Huawei S12700 V200R005C00,S1700 V200R009C00, V200R010C00,S3700 V100R006C03, V100R006C05,S5700 V200R001C00, V200R002C00, V200R003C00, V200R003C02, V200R005C00, V200R006C00, V200R007C00, V200R008C00, V200R009C00, V200R010C00,S6700 V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200R005C02, V200R008C00, V200R009C00, V200R010C00,S7700
nvd
CVE-2014-4705HIGHCVSS 7.5vv200r001c00spc300vv200r002c00spc100+1 more2018-01-30
CVE-2014-4705 [HIGH] CWE-119 CVE-2014-4705: Multiple heap-based buffer overflows in the eSap software platform in Huawei Campus S9300, S7700, S9
Multiple heap-based buffer overflows in the eSap software platform in Huawei Campus S9300, S7700, S9700, S5300, S5700, S6300, and S6700 series switches; AR150, AR160, AR200, AR1200, AR2200, AR3200, AR530, NetEngine16EX, SRG1300, SRG2300, and SRG3300 series routers; and WLAN AC6005, AC6605, and ACU2 access controllers allow remote attackers to cause a de
nvd
CVE-2014-5394MEDIUMCVSS 5.9vv200r001c00spc300vv200r002c00spc300+1 more2018-01-08
CVE-2014-5394 [MEDIUM] CWE-200 CVE-2014-5394: Multiple Huawei Campus switches allow remote attackers to enumerate usernames via vectors involving
Multiple Huawei Campus switches allow remote attackers to enumerate usernames via vectors involving use of SSH by the maintenance terminal.
nvd
CVE-2017-15324HIGHCVSS 7.5vv200r005c002017-12-22
CVE-2017-15324 [HIGH] CWE-20 CVE-2017-15324: Huawei S5700 and S6700 with software of V200R005C00 have a DoS vulnerability due to insufficient val
Huawei S5700 and S6700 with software of V200R005C00 have a DoS vulnerability due to insufficient validation of the Network Quality Analysis (NQA) packets. A remote attacker could exploit this vulnerability by sending malformed NQA packets to the target device. Successful exploitation could make the device restart.
nvd
CVE-2017-8147HIGHCVSS 7.5vv100r005c00vv100r006c00+11 more2017-11-22
CVE-2017-8147 [HIGH] CWE-20 CVE-2017-8147: AC6005 V200R006C10SPC200,AC6605 V200R006C10SPC200,AR1200 with software V200R005C10CP0582T, V200R005C
AC6005 V200R006C10SPC200,AC6605 V200R006C10SPC200,AR1200 with software V200R005C10CP0582T, V200R005C10HP0581T, V200R005C20SPC026T,AR200 with software V200R005C20SPC026T,AR3200 V200R005C20SPC026T,CloudEngine 12800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 5800 with software V100R003C00, V100R005C00, V100R005
nvd
CVE-2015-2800HIGHCVSS 7.5≤ v200r001c00spc3002017-06-08
CVE-2015-2800 [HIGH] CWE-287 CVE-2015-2800: The user authentication module in Huawei Campus switches S5700, S5300, S6300, and S6700 with softwar
The user authentication module in Huawei Campus switches S5700, S5300, S6300, and S6700 with software before V200R001SPH012 and S7700, S9300, and S9700 with software before V200R001SPH015 allows remote attackers to cause a denial of service (device restart) via vectors involving authentication, which trigger an array access violation.
nvd
CVE-2016-8797HIGHCVSS 7.5vv200r006c00vv200r007c00+1 more2017-04-02
CVE-2016-8797 [HIGH] CWE-399 CVE-2016-8797: Huawei AR3200 with software V200R007C00, V200R005C32, V200R005C20; S12700 with software V200R008C00,
Huawei AR3200 with software V200R007C00, V200R005C32, V200R005C20; S12700 with software V200R008C00, V200R007C00; S5300 with software V200R008C00, V200R007C00, V200R006C00; S5700 with software V200R008C00, V200R007C00, V200R006C00; S6300 with software V200R008C00, V200R007C00; S6700 with software V200R008C00, V200R007C00; S7700 with software V200R008C00
nvd
CVE-2016-8773HIGHCVSS 7.5vv200r001c00vv200r002c00+6 more2017-04-02
CVE-2016-8773 [HIGH] CWE-20 CVE-2016-8773: Huawei S5300 with software V200R003C00, V200R007C00, V200R008C00, V200R009C00; S5700 with software V
Huawei S5300 with software V200R003C00, V200R007C00, V200R008C00, V200R009C00; S5700 with software V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200R005C03, V200R007C00, V200R008C00, V200R009C00; S6300 with software V200R003C00, V200R005C00, V200R008C00, V200R009C00; S6700 with software V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R005C
nvd
CVE-2014-4706HIGHCVSS 7.5vv200r001c00spc300vv200r003c00spc3002017-04-02
CVE-2014-4706 [HIGH] CWE-119 CVE-2014-4706: Huawei Campus S3700HI with software V200R001C00SPC300; Campus S5700 with software V200R002C00SPC100;
Huawei Campus S3700HI with software V200R001C00SPC300; Campus S5700 with software V200R002C00SPC100; Campus S7700 with software V200R003C00SPC300,V200R003C00SPC500; LSW S9700 with software V200R001C00SPC300,V200R003C00SPC300,V200R003C00SPC500; S2350 with software V200R003C00SPC300; S2750 with software V200R003C00SPC300; S5300 with software V200R001C00SP
nvd
CVE-2016-2404HIGHCVSS 7.5vv200r001c00spc300vv200r002c00spc100+3 more2017-04-02
CVE-2016-2404 [HIGH] CWE-264 CVE-2016-2404: Huawei switches S5700, S6700, S7700, S9700 with software V200R001C00SPC300, V200R002C00SPC100, V200R
Huawei switches S5700, S6700, S7700, S9700 with software V200R001C00SPC300, V200R002C00SPC100, V200R003C00SPC300, V200R005C00SPC500, V200R006C00; S12700 with software V200R005C00SPC500, V200R006C00; ACU2 with software V200R005C00SPC500, V200R006C00 have a permission control vulnerability. If a switch enables Authentication, Authorization, and Accounting
nvd
CVE-2014-8572HIGHCVSS 7.5≤ v200r005c00spc300vv100r006+3 more2017-04-02
CVE-2014-8572 [HIGH] CWE-20 CVE-2014-8572: Huawei AC6605 with software V200R001C00; AC6605 with software V200R002C00; ACU with software V200R00
Huawei AC6605 with software V200R001C00; AC6605 with software V200R002C00; ACU with software V200R001C00; ACU with software V200R002C00; S2300, S3300, S2700, S3700 with software V100R006C05 and earlier versions; S5300, S5700, S6300, S6700 with software V100R006, V200R001, V200R002, V200R003, V200R005C00SPC300 and earlier versions; S7700, S9300, S9300E, S
nvd
CVE-2015-8085MEDIUMCVSS 4.9vv200r001c00vv200r002c00+3 more2016-10-03
CVE-2015-8085 [MEDIUM] CWE-326 CVE-2015-8085: Huawei AR routers with software before V200R007C00SPC100; Quidway S9300 routers with software before
Huawei AR routers with software before V200R007C00SPC100; Quidway S9300 routers with software before V200R009C00; S12700 routers with software before V200R008C00SPC500; S9300, Quidway S5300, and S5300 routers with software before V200R007C00; and S5700 routers with software before V200R007C00SPC500 make it easier for remote authenticated administrator
nvd