Huawei Secospace Antiddos8000 Firmware vulnerabilities

9 known vulnerabilities affecting huawei/secospace_antiddos8000_firmware.

Total CVEs
9
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH3MEDIUM5

Vulnerabilities

Page 1 of 1
CVE-2020-1864HIGHCVSS 8.1vv500r001c00vv500r001c20+2 more2020-03-20
CVE-2020-1864 [HIGH] CWE-287 CVE-2020-1864: Some Huawei products have a security vulnerability due to improper authentication. A remote attacker Some Huawei products have a security vulnerability due to improper authentication. A remote attacker needs to obtain some information and forge the peer device to send specific packets to the affected device. Due to the improper implementation of the authentication function, attackers can exploit the vulnerability to connect to affected devices and exec
nvd
CVE-2019-5304HIGHCVSS 7.5vv500r001c20vv500r001c60+1 more2020-01-03
CVE-2019-5304 [HIGH] CWE-120 CVE-2019-5304: Some Huawei products have a buffer error vulnerability. An unauthenticated, remote attacker could se Some Huawei products have a buffer error vulnerability. An unauthenticated, remote attacker could send specific MPLS Echo Request messages to the target products. Due to insufficient input validation of some parameters in the messages, successful exploit may cause the device to reset.
nvd
CVE-2019-5254HIGHCVSS 8.6vv500r001c00vv500r001c00spc200+17 more2019-12-13
CVE-2019-5254 [HIGH] CWE-125 CVE-2019-5254: Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800 Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981) have an out-of-bounds read vulnerability. An attacker who logs in to the board may send crafted messages from the internal network port
nvd
CVE-2019-5255MEDIUMCVSS 5.5vv500r001c00vv500r001c00spc200+17 more2019-12-13
CVE-2019-5255 [MEDIUM] CWE-125 CVE-2019-5255: Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800 Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981) have a DoS vulnerability. An attacker may send crafted messages from a FTP client to exploit this vulnerability. Due to insufficient
nvd
CVE-2019-5257MEDIUMCVSS 5.5vv500r001c00vv500r001c00spc200+17 more2019-12-13
CVE-2019-5257 [MEDIUM] CWE-120 CVE-2019-5257: Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800 Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace) have a resource management vulnerability. An attacker who logs in to the board may send crafted messages from the internal network.
nvd
CVE-2019-5256MEDIUMCVSS 5.5vv500r001c00vv500r001c00spc200+17 more2019-12-13
CVE-2019-5256 [MEDIUM] CWE-476 CVE-2019-5256: Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800 Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981) have a null pointer dereference vulnerability. The system dereferences a pointer that it expects to be valid, but is NULL. A local at
nvd
CVE-2019-5258MEDIUMCVSS 5.5vv500r001c00vv500r001c00spc200+17 more2019-12-13
CVE-2019-5258 [MEDIUM] CWE-120 CVE-2019-5258: Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800 Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981) have a buffer overflow vulnerability. An attacker who logs in to the board may send crafted messages from the internal network port o
nvd
CVE-2017-17164MEDIUMCVSS 5.3vv500r001c20spc5002018-02-15
CVE-2017-17164 [MEDIUM] CWE-772 CVE-2017-17164: Huawei Secospace AntiDDoS8000 V500R001C20SPC500 have a memory leak vulnerability due to memory don't Huawei Secospace AntiDDoS8000 V500R001C20SPC500 have a memory leak vulnerability due to memory don't be released when the system open some function. An attacker could exploit it to cause memory leak, which may further lead to system exceptions.
nvd
CVE-2016-4576CRITICALCVSS 9.8vv500r001c002016-05-23
CVE-2016-4576 [CRITICAL] CWE-119 CVE-2016-4576: Buffer overflow in the Application Specific Packet Filtering (ASPF) functionality in the Huawei IPS Buffer overflow in the Application Specific Packet Filtering (ASPF) functionality in the Huawei IPS Module, NGFW Module, NIP6300, NIP6600, Secospace USG6300, USG6500, USG6600, USG9500, and AntiDDoS8000 devices with software before V500R001C20SPC100 allows remote attackers to cause a denial of service or execute arbitrary code via a crafted packet, re
nvd