Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.5
CVSSv3

CVE-2019-5304

Published: 03/01/2020 Updated: 09/01/2020
CVSS v2 Base Score: 7.8 | Impact Score: 6.9 | Exploitability Score: 10
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 694
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Subscribe to Ar120-s Firmware

Vulnerability Summary

Some Huawei products have a buffer error vulnerability. An unauthenticated, remote attacker could send specific MPLS Echo Request messages to the target products. Due to insufficient input validation of some parameters in the messages, successful exploit may cause the device to reset.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

huawei ar120-s_firmware v200r006c10

huawei ar120-s_firmware v200r007c00

huawei ar120-s_firmware v200r008c20

huawei ar120-s_firmware v200r008c50

huawei ar1200_firmware v200r003c01

huawei ar1200_firmware v200r005c20

huawei ar1200_firmware v200r006c10

huawei ar1200_firmware v200r007c00

huawei ar1200_firmware v200r008c20

huawei ar1200_firmware v200r008c50

huawei ar1200-s_firmware v200r003c01

huawei ar1200-s_firmware v200r005c20

huawei ar1200-s_firmware v200r006c10

huawei ar1200-s_firmware v200r007c00

huawei ar1200-s_firmware v200r008c20

huawei ar1200-s_firmware v200r008c50

huawei ar150_firmware v200r003c01

huawei ar150_firmware v200r005c20

huawei ar150_firmware v200r006c10

huawei ar150_firmware v200r007c00

huawei ar150_firmware v200r008c20

huawei ar150_firmware v200r008c50

huawei ar150-s_firmware v200r003c01

huawei ar150-s_firmware v200r005c20

huawei ar150-s_firmware v200r006c10

huawei ar150-s_firmware v200r007c00

huawei ar150-s_firmware v200r008c20

huawei ar150-s_firmware v200r008c50

huawei ar160_firmware v200r005c20

huawei ar160_firmware v200r006c10

huawei ar160_firmware v200r007c00

huawei ar160_firmware v200r008c20

huawei ar160_firmware v200r008c50

huawei ar200_firmware v200r003c01

huawei ar200_firmware v200r005c20

huawei ar200_firmware v200r006c10

huawei ar200_firmware v200r007c00

huawei ar200_firmware v200r008c20

huawei ar200_firmware v200r008c50

huawei ar200-s_firmware v200r003c01

huawei ar200-s_firmware v200r005c20

huawei ar200-s_firmware v200r006c10

huawei ar200-s_firmware v200r007c00

huawei ar200-s_firmware v200r008c20

huawei ar200-s_firmware v200r008c50

huawei ar2200_firmware v200r003c01

huawei ar2200_firmware v200r005c20

huawei ar2200_firmware v200r006c10

huawei ar2200_firmware v200r007c00

huawei ar2200_firmware v200r008c20

huawei ar2200_firmware v200r008c50

huawei ar2200-s_firmware v200r003c01

huawei ar2200-s_firmware v200r005c20

huawei ar2200-s_firmware v200r006c10

huawei ar2200-s_firmware v200r008c20

huawei ar2200-s_firmware v200r008c50

huawei ar3200_firmware v200r003c01

huawei ar3200_firmware v200r005c20

huawei ar3200_firmware v200r006c10

huawei ar3200_firmware v200r007c00

huawei ar3200_firmware v200r008c20

huawei ar3200_firmware v200r008c50

huawei ar3600_firmware v200r006c10

huawei ar3600_firmware v200r007c00

huawei ar3600_firmware v200r008c20

huawei ar3600_firmware v200r008c50

huawei ips_module_firmware v500r001c20

huawei ips_module_firmware v500r001c30

huawei ngfw_module_firmware v500r001c20

huawei ngfw_module_firmware v500r002c00

huawei nip6300_firmware v500r001c20

huawei nip6300_firmware v500r001c30

huawei nip6600_firmware v500r001c20

huawei nip6600_firmware v500r001c30

huawei netengine16ex_firmware v200r005c20

huawei netengine16ex_firmware v200r006c10

huawei netengine16ex_firmware v200r007c00

huawei netengine16ex_firmware v200r008c20

huawei netengine16ex_firmware v200r008c50

huawei s5700_firmware v200r005c00

huawei s5700_firmware v200r005c02

huawei s5700_firmware v200r005c03

huawei s5700_firmware v200r006c00

huawei s5700_firmware v200r007c00

huawei s5700_firmware v200r008c00

huawei s5700_firmware v200r010c00

huawei s5700_firmware v200r011c00

huawei s6700_firmware v200r005c00

huawei s6700_firmware v200r005c01

huawei s6700_firmware v200r005c02

huawei s6700_firmware v200r008c00

huawei s6700_firmware v200r010c00

huawei s6700_firmware v200r011c00

huawei srg1300_firmware v200r003c01

huawei srg1300_firmware v200r005c20

huawei srg1300_firmware v200r006c10

huawei srg1300_firmware v200r007c00

huawei srg1300_firmware v200r008c20

huawei srg1300_firmware v200r008c50

huawei srg2300_firmware v200r003c01

huawei srg2300_firmware v200r005c20

huawei srg2300_firmware v200r006c10

huawei srg2300_firmware v200r007c00

huawei srg2300_firmware v200r008c20

huawei srg2300_firmware v200r008c50

huawei srg3300_firmware v200r003c01

huawei srg3300_firmware v200r005c20

huawei srg3300_firmware v200r006c10

huawei srg3300_firmware v200r007c00

huawei srg3300_firmware v200r008c20

huawei srg3300_firmware v200r008c50

huawei secospace_antiddos8000_firmware v500r001c20

huawei secospace_antiddos8000_firmware v500r001c60

huawei secospace_antiddos8000_firmware v500r005c00

huawei secospace_usg6300_firmware v500r001c20

huawei secospace_usg6300_firmware v500r001c30

huawei secospace_usg6500_firmware v500r001c20

huawei secospace_usg6500_firmware v500r001c30

huawei secospace_usg6600_firmware v500r001c20

huawei secospace_usg6600_firmware v500r001c30

Vendor Advisories

Huawei Security Advisories: Security Advisory - Buffer Error Vulnerability in Some Huawei Products
There is a buffer error vulnerability in some Huawei products An unauthenticated, remote attacker could send specific MPLS Echo Request messages to the target products Due to insufficient input validation of some parameters in the messages, successful exploit may cause the device to reset (Vulnerability ID: HWPSIRT-2019-04074) This vulnerability ...

References

CWE-120https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200102-01-buffer-enhttps://nvd.nist.govhttps://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200102-01-buffer-en
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injectionCVE-2006-4304CVE-2023-26603CVE-2024-28327CVE-2023-50363CVE-2024-21905template injectionCVE-2024-3400cross-site request forgery
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook