Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2021-40007

EPSS 0.15% · P36
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2021-40007

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
There is an information leak vulnerability in eCNS280_TD V100R005C10SPC650. The vulnerability is caused by improper log output management. An attacker with the ability to access the log file of device may lead to information disclosure.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Huawei eCNS280_TD 信息泄露漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Huawei eCNS280_TD是中国华为(Huawei)公司的无线宽带集群系统的核心网设备。基于网络功能虚拟化(Network Functions Virtualization,NFV)和云化架构设计,提供传统核心网的网络功能外,还通过将网元功能虚拟化、在多网元间共享标准化硬件资源,来给各网元提供可根据实际应用的容量配置,提高网络扩容减容效率,提升业务上线效率。 Huawei eCNS280_TD 存在信息泄露漏洞,该漏洞源于日志输出管理不当造成的。具有访问设备日志文件能力的攻击者可能会导致信息泄露。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-eCNS280_TD V100R005C10SPC650 -

II. Public POCs for CVE-2021-40007

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2021-40007

登录查看更多情报信息。

Same Patch Batch · n/a · 2021-12-13 · 21 CVEs total

CVE-2021-40858Auerswald Compact 系列 路径遍历漏洞
CVE-2021-44155Reprise Software Reprise License Manager 安全漏洞
CVE-2021-44152Reprise Software Reprise License Manager 访问控制错误漏洞
CVE-2021-44151Reprise Software Reprise License Manager 安全特征问题漏洞
CVE-2018-25022c-toxcore 信息泄露漏洞
CVE-2021-44847TokTok c-toxcore 缓冲区错误漏洞
CVE-2018-25021c-toxcore 安全漏洞
CVE-2021-44848Cybele Software Thinfinity VirtualUI授权问题漏洞
CVE-2021-40856Auerswald COMfortel 1400和2600 IP 授权问题漏洞
CVE-2021-40857Auerswald Compact 系列安全漏洞
CVE-2020-19042zzcms 跨站脚本漏洞
CVE-2021-44153Reprise License Manager 安全漏洞
CVE-2021-44154Reprise Software Reprise License Manager 安全漏洞
CVE-2021-43117fastadmin 代码问题漏洞
CVE-2021-44966Phpgurukul Employee Record Management System SQL注入漏洞
CVE-2021-44965PHPGURUKUL Employee Record Management System 路径遍历漏洞
CVE-2021-40008Huawei CloudEngine 安全漏洞
CVE-2020-16154cpanminus 数据伪造问题漏洞
CVE-2020-16155cpanminus 安全漏洞
CVE-2020-16156cpanminus 数据伪造问题漏洞

IV. Related Vulnerabilities

Same product: eCNS280_TD
Same vendor: n/a

V. Comments for CVE-2021-40007

No comments yet

Leave a comment