Search

Find a vulnerability

Search criteria

    4 vulnerabilities found for hg8045q_firmware by huawei

    CVE-2021-37028 (GCVE-0-2021-37028)

    Vulnerability from nvd – Published: 2021-08-13 15:52 – Updated: 2024-08-04 01:09
    VLAI
    Summary
    There is a command injection vulnerability in the HG8045Q product. When the command-line interface is enabled, which is disabled by default, attackers with administrator privilege could execute part of commands.
    Severity
    No CVSS data available.
    CWE
    • command injection
    Assigner
    References
    URL Tags
    https://support.huawei.com/carrier/navi?coltype=s… x_refsource_MISC
    http://jvn.jp/en/jp/JVN41646618/index.html third-party-advisoryx_refsource_JVN
    Impacted products
    Vendor Product Version
    n/a EchoLife HG8045Q Affected: V300R016C00,V300R018C10
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T01:09:07.662Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.huawei.com/carrier/navi?coltype=software#col=software\u0026from=product\u0026detailId=PBI1-252279599\u0026path=PBI1-252301455/PBI1-252303293/PBI1-23709862/PBI1-22318696/PBI1-21457383"
              },
              {
                "name": "JVN#41646618",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_JVN",
                  "x_transferred"
                ],
                "url": "http://jvn.jp/en/jp/JVN41646618/index.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "EchoLife HG8045Q",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "V300R016C00,V300R018C10"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "There is a command injection vulnerability in the HG8045Q product. When the command-line interface is enabled, which is disabled by default, attackers with administrator privilege could execute part of commands."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "command injection",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-08-17T04:06:23.000Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.huawei.com/carrier/navi?coltype=software#col=software\u0026from=product\u0026detailId=PBI1-252279599\u0026path=PBI1-252301455/PBI1-252303293/PBI1-23709862/PBI1-22318696/PBI1-21457383"
            },
            {
              "name": "JVN#41646618",
              "tags": [
                "third-party-advisory",
                "x_refsource_JVN"
              ],
              "url": "http://jvn.jp/en/jp/JVN41646618/index.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@huawei.com",
              "ID": "CVE-2021-37028",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "EchoLife HG8045Q",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "V300R016C00,V300R018C10"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "There is a command injection vulnerability in the HG8045Q product. When the command-line interface is enabled, which is disabled by default, attackers with administrator privilege could execute part of commands."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "command injection"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://support.huawei.com/carrier/navi?coltype=software#col=software\u0026from=product\u0026detailId=PBI1-252279599\u0026path=PBI1-252301455/PBI1-252303293/PBI1-23709862/PBI1-22318696/PBI1-21457383",
                  "refsource": "MISC",
                  "url": "https://support.huawei.com/carrier/navi?coltype=software#col=software\u0026from=product\u0026detailId=PBI1-252279599\u0026path=PBI1-252301455/PBI1-252303293/PBI1-23709862/PBI1-22318696/PBI1-21457383"
                },
                {
                  "name": "JVN#41646618",
                  "refsource": "JVN",
                  "url": "http://jvn.jp/en/jp/JVN41646618/index.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2021-37028",
        "datePublished": "2021-08-13T15:52:38.000Z",
        "dateReserved": "2021-07-20T00:00:00.000Z",
        "dateUpdated": "2024-08-04T01:09:07.662Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-7900 (GCVE-0-2018-7900)

    Vulnerability from nvd – Published: 2019-01-02 16:00 – Updated: 2024-08-05 06:37
    VLAI
    Summary
    There is an information leak vulnerability in some Huawei HG products. An attacker may obtain information about the HG device by exploiting this vulnerability.
    Severity
    No CVSS data available.
    CWE
    • information leak
    Assigner
    References
    Impacted products
    Date Public
    2018-12-19 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T06:37:59.608Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://blog.newskysecurity.com/information-disclosure-vulnerability-cve-2018-7900-makes-it-easy-for-attackers-to-find-huawei-3e7039b6f44f"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.huawei.com/en/psirt/security-notices/huawei-sn-20181219-01-hg-en"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "some HG products",
              "vendor": "Huawei Technologies Co., Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "customized versions"
                }
              ]
            }
          ],
          "datePublic": "2018-12-19T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "There is an information leak vulnerability in some Huawei HG products. An attacker may obtain information about the HG device by exploiting this vulnerability."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "information leak",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-01-03T21:57:01.000Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://blog.newskysecurity.com/information-disclosure-vulnerability-cve-2018-7900-makes-it-easy-for-attackers-to-find-huawei-3e7039b6f44f"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.huawei.com/en/psirt/security-notices/huawei-sn-20181219-01-hg-en"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@huawei.com",
              "ID": "CVE-2018-7900",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "some HG products",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "customized versions"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Huawei Technologies Co., Ltd."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "There is an information leak vulnerability in some Huawei HG products. An attacker may obtain information about the HG device by exploiting this vulnerability."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "information leak"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://blog.newskysecurity.com/information-disclosure-vulnerability-cve-2018-7900-makes-it-easy-for-attackers-to-find-huawei-3e7039b6f44f",
                  "refsource": "MISC",
                  "url": "https://blog.newskysecurity.com/information-disclosure-vulnerability-cve-2018-7900-makes-it-easy-for-attackers-to-find-huawei-3e7039b6f44f"
                },
                {
                  "name": "http://www.huawei.com/en/psirt/security-notices/huawei-sn-20181219-01-hg-en",
                  "refsource": "CONFIRM",
                  "url": "http://www.huawei.com/en/psirt/security-notices/huawei-sn-20181219-01-hg-en"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2018-7900",
        "datePublished": "2019-01-02T16:00:00.000Z",
        "dateReserved": "2018-03-09T00:00:00.000Z",
        "dateUpdated": "2024-08-05T06:37:59.608Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-37028 (GCVE-0-2021-37028)

    Vulnerability from cvelistv5 – Published: 2021-08-13 15:52 – Updated: 2024-08-04 01:09
    VLAI
    Summary
    There is a command injection vulnerability in the HG8045Q product. When the command-line interface is enabled, which is disabled by default, attackers with administrator privilege could execute part of commands.
    Severity
    No CVSS data available.
    CWE
    • command injection
    Assigner
    References
    URL Tags
    https://support.huawei.com/carrier/navi?coltype=s… x_refsource_MISC
    http://jvn.jp/en/jp/JVN41646618/index.html third-party-advisoryx_refsource_JVN
    Impacted products
    Vendor Product Version
    n/a EchoLife HG8045Q Affected: V300R016C00,V300R018C10
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T01:09:07.662Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.huawei.com/carrier/navi?coltype=software#col=software\u0026from=product\u0026detailId=PBI1-252279599\u0026path=PBI1-252301455/PBI1-252303293/PBI1-23709862/PBI1-22318696/PBI1-21457383"
              },
              {
                "name": "JVN#41646618",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_JVN",
                  "x_transferred"
                ],
                "url": "http://jvn.jp/en/jp/JVN41646618/index.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "EchoLife HG8045Q",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "V300R016C00,V300R018C10"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "There is a command injection vulnerability in the HG8045Q product. When the command-line interface is enabled, which is disabled by default, attackers with administrator privilege could execute part of commands."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "command injection",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-08-17T04:06:23.000Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.huawei.com/carrier/navi?coltype=software#col=software\u0026from=product\u0026detailId=PBI1-252279599\u0026path=PBI1-252301455/PBI1-252303293/PBI1-23709862/PBI1-22318696/PBI1-21457383"
            },
            {
              "name": "JVN#41646618",
              "tags": [
                "third-party-advisory",
                "x_refsource_JVN"
              ],
              "url": "http://jvn.jp/en/jp/JVN41646618/index.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@huawei.com",
              "ID": "CVE-2021-37028",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "EchoLife HG8045Q",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "V300R016C00,V300R018C10"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "There is a command injection vulnerability in the HG8045Q product. When the command-line interface is enabled, which is disabled by default, attackers with administrator privilege could execute part of commands."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "command injection"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://support.huawei.com/carrier/navi?coltype=software#col=software\u0026from=product\u0026detailId=PBI1-252279599\u0026path=PBI1-252301455/PBI1-252303293/PBI1-23709862/PBI1-22318696/PBI1-21457383",
                  "refsource": "MISC",
                  "url": "https://support.huawei.com/carrier/navi?coltype=software#col=software\u0026from=product\u0026detailId=PBI1-252279599\u0026path=PBI1-252301455/PBI1-252303293/PBI1-23709862/PBI1-22318696/PBI1-21457383"
                },
                {
                  "name": "JVN#41646618",
                  "refsource": "JVN",
                  "url": "http://jvn.jp/en/jp/JVN41646618/index.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2021-37028",
        "datePublished": "2021-08-13T15:52:38.000Z",
        "dateReserved": "2021-07-20T00:00:00.000Z",
        "dateUpdated": "2024-08-04T01:09:07.662Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-7900 (GCVE-0-2018-7900)

    Vulnerability from cvelistv5 – Published: 2019-01-02 16:00 – Updated: 2024-08-05 06:37
    VLAI
    Summary
    There is an information leak vulnerability in some Huawei HG products. An attacker may obtain information about the HG device by exploiting this vulnerability.
    Severity
    No CVSS data available.
    CWE
    • information leak
    Assigner
    References
    Impacted products
    Date Public
    2018-12-19 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T06:37:59.608Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://blog.newskysecurity.com/information-disclosure-vulnerability-cve-2018-7900-makes-it-easy-for-attackers-to-find-huawei-3e7039b6f44f"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.huawei.com/en/psirt/security-notices/huawei-sn-20181219-01-hg-en"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "some HG products",
              "vendor": "Huawei Technologies Co., Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "customized versions"
                }
              ]
            }
          ],
          "datePublic": "2018-12-19T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "There is an information leak vulnerability in some Huawei HG products. An attacker may obtain information about the HG device by exploiting this vulnerability."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "information leak",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-01-03T21:57:01.000Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://blog.newskysecurity.com/information-disclosure-vulnerability-cve-2018-7900-makes-it-easy-for-attackers-to-find-huawei-3e7039b6f44f"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.huawei.com/en/psirt/security-notices/huawei-sn-20181219-01-hg-en"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@huawei.com",
              "ID": "CVE-2018-7900",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "some HG products",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "customized versions"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Huawei Technologies Co., Ltd."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "There is an information leak vulnerability in some Huawei HG products. An attacker may obtain information about the HG device by exploiting this vulnerability."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "information leak"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://blog.newskysecurity.com/information-disclosure-vulnerability-cve-2018-7900-makes-it-easy-for-attackers-to-find-huawei-3e7039b6f44f",
                  "refsource": "MISC",
                  "url": "https://blog.newskysecurity.com/information-disclosure-vulnerability-cve-2018-7900-makes-it-easy-for-attackers-to-find-huawei-3e7039b6f44f"
                },
                {
                  "name": "http://www.huawei.com/en/psirt/security-notices/huawei-sn-20181219-01-hg-en",
                  "refsource": "CONFIRM",
                  "url": "http://www.huawei.com/en/psirt/security-notices/huawei-sn-20181219-01-hg-en"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2018-7900",
        "datePublished": "2019-01-02T16:00:00.000Z",
        "dateReserved": "2018-03-09T00:00:00.000Z",
        "dateUpdated": "2024-08-05T06:37:59.608Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }