Huawei SRG3300 Firmware V200R007C00SPCB00

CPE Details

Huawei SRG3300 Firmware V200R007C00SPCB00
huawei
srg3300_firmware
v200r007c00spcb00
2020-02-21
20h01 +00:00
2020-02-21
20h01 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:o:huawei:srg3300_firmware:v200r007c00spcb00:*:*:*:*:*:*:*

Informations

Vendor

huawei

Product

srg3300_firmware

Version

v200r007c00spcb00

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2020-9071 2020-06-01 12h02 +00:00 There is a few bytes out-of-bounds read vulnerability in some Huawei products. The software reads data past the end of the intended buffer when parsing certain message, an authenticated attacker could exploit this vulnerability by sending crafted messages to the device. Successful exploit may cause service abnormal in specific scenario.Affected product versions include:AR120-S versions V200R007C00SPC900,V200R007C00SPCa00
6.5
Medium
CVE-2017-17151 2018-02-15 15h00 +00:00 Huawei AR100, AR100-S, AR110-S, AR120, AR120-S, AR1200, AR1200-S, AR150, AR150-S, AR160, AR200, AR200-S, AR2200, AR2200-S, AR3200, AR510, DP300, NetEngine16EX, RP200, SRG1300, SRG2300, SRG3300, TE30, TE40, TE50, TE60, TP3106, TP3206, ViewPoint 8660, and ViewPoint 9030 have an insufficient validation vulnerability. Since packet validation is insufficient, an unauthenticated attacker may send special H323 packets to exploit the vulnerability. Successful exploit could allow the attacker to send malicious packets and result in DOS attacks.
5.9
Medium
The information presented on CVE Find originates from several carefully selected reference sources. CVE data is provided by MITRE Corporation and the National Vulnerability Database (NVD). The Known Exploited Vulnerabilities (KEV) catalog is sourced from the Cybersecurity and Infrastructure Security Agency (CISA), while EPSS scores come from FIRST.org. Additionally, data regarding software weaknesses (CWE) and common attack patterns (CAPEC) is maintained by MITRE Corporation, and information on hardware and software configurations (CPE) is provided by the NVD.