Vulnerability Database

289,689

Total vulnerabilities in the database

CVE-2020-1866

There is an out-of-bounds read vulnerability in several products. The software reads data past the end of the intended buffer when parsing certain crafted DHCP messages. Successful exploit could cause certain service abnormal. Affected product versions include:NIP6800 versions V500R001C30,V500R001C60SPC500,V500R005C00;S12700 versions V200R008C00;S2700 versions V200R008C00;S5700 versions V200R008C00;S6700 versions V200R008C00;S7700 versions V200R008C00;S9700 versions V200R008C00;Secospace USG6600 versions V500R001C30SPC200,V500R001C30SPC600,V500R001C60SPC500,V500R005C00;USG9500 versions V500R001C30SPC300,V500R001C30SPC600,V500R001C60SPC500,V500R005C00.

  • Published: Jan 14, 2021
  • Updated: Apr 13, 2023
  • CVE: CVE-2020-1866
  • Severity: Medium
  • Exploit:

CVSS v3:

  • Severity: Medium
  • Score: 6.5
  • AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CVSS v2:

  • Severity: Low
  • Score: 3.3
  • AV:A/AC:L/Au:N/C:N/I:N/A:P

CWEs:

Software From Fixed in
huawei / nip6800_firmware 500r001c30 500r001c30.x
huawei / nip6800_firmware 500r001c60spc500 500r001c60spc500.x
huawei / nip6800_firmware 500r005c00 500r005c00.x
huawei / s12700_firmware 200r008c00 200r008c00.x
huawei / s2700_firmware 200r008c00 200r008c00.x
huawei / s5700_firmware 200r008c00 200r008c00.x
huawei / s6700_firmware 200r008c00 200r008c00.x
huawei / s7700_firmware 200r008c00 200r008c00.x
huawei / s9700_firmware 200r008c00 200r008c00.x
huawei / secospace_usg6600_firmware 500r001c30spc200 500r001c30spc200.x
huawei / secospace_usg6600_firmware 500r001c30spc600 500r001c30spc600.x
huawei / secospace_usg6600_firmware 500r001c60spc500 500r001c60spc500.x
huawei / secospace_usg6600_firmware 500r005c00 500r005c00.x
huawei / usg9500_firmware 500r001c30spc300 500r001c30spc300.x
huawei / usg9500_firmware 500r001c30spc600 500r001c30spc600.x
huawei / usg9500_firmware 500r001c60spc500 500r001c60spc500.x
huawei / usg9500_firmware 500r005c00 500r005c00.x