| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| rpwizPppoe.htm in Huawei MT882 V100R002B020 ARG-T running firmware 3.7.9.98 contains a form that does not disable the autocomplete setting for the password parameter, which makes it easier for local users or physically proximate attackers to obtain the password from web browsers that support autocomplete. |
| The Huawei D100 allows remote attackers to obtain sensitive information via a direct request to (1) lan_status_adv.asp, (2) wlan_basic_cfg.asp, or (3) lancfg.asp in en/, related to use of JavaScript to protect against reading file contents. |
| The Huawei D100 has (1) a certain default administrator password for the web interface, and does not force a password change; and has (2) a default password of admin for the admin account in the telnet interface; which makes it easier for remote attackers to obtain access. |
| The default configuration of the Wi-Fi component on the Huawei D100 does not use encryption, which makes it easier for remote attackers to obtain sensitive information by sniffing the network. |
| The Huawei Versatile Routing Platform 1.43 2500E-003 firmware on the Quidway R1600 Router, and possibly other models, allows remote attackers to cause a denial of service (device crash) via a long show arp command. |
| Address read vulnerability in the communication module.
Impact: Successful exploitation of this vulnerability may affect availability. |
| UAF vulnerability in the security module.
Impact: Successful exploitation of this vulnerability may affect availability. |
| Permission control vulnerability in the AMS module.
Impact: Successful exploitation of this vulnerability may affect availability. |
| Out-of-bounds write vulnerability in the file system module.
Impact: Successful exploitation of this vulnerability may affect service confidentiality. |
| Authentication bypass vulnerability in the device authentication module. Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality. |
| Race condition vulnerability in the printing module. Impact: Successful exploitation of this vulnerability may affect availability. |
| Data processing vulnerability in the certificate management module. Impact: Successful exploitation of this vulnerability may affect service confidentiality. |
| Heap-based buffer overflow vulnerability in the image module.
Impact: Successful exploitation of this vulnerability may affect availability. |
| Out-of-bounds write vulnerability in the camera module.
Impact: Successful exploitation of this vulnerability may affect availability. |
| Type confusion vulnerability in the camera module.
Impact: Successful exploitation of this vulnerability may affect availability. |
| Out-of-bounds read issue in the media subsystem.
Impact: Successful exploitation of this vulnerability will affect availability and confidentiality. |
| Address read vulnerability in the HDC module.
Impact: Successful exploitation of this vulnerability will affect availability and confidentiality. |
| Buffer overflow vulnerability in the HDC module.
Impact: Successful exploitation of this vulnerability may affect availability. |
| Permission control vulnerability in the HDC module.
Impact: Successful exploitation of this vulnerability may affect service confidentiality. |
| Out-of-bounds read vulnerability in the graphics module.
Impact: Successful exploitation of this vulnerability may affect availability. |