Browse all 3 CVE security advisories affecting Hillstone Networks. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Hillstone Networks develops next-generation firewalls and security solutions for enterprise networks. Historically, their products have been susceptible to remote code execution, cross-site scripting, and privilege escalation vulnerabilities, often stemming from improper input validation and authentication flaws. While no major public security incidents have been widely reported, the three CVEs on record highlight potential weaknesses in their software. Their security architecture emphasizes deep packet inspection and threat prevention, though the presence of historical vulnerabilities suggests ongoing attention to secure coding practices is necessary for maintaining robust network defenses.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-1791 | Arbitrary File Upload Vulnerability in Operation and Maintenance Security Gateway — Operation and Maintenance Security GatewayCWE-434 | 2.7 | Low | 2026-02-04 |
| CVE-2025-2239 | Absolute Path Disclosure Vulnerability in Hillstone Next Generation FireWall — Hillstone Next Generation FireWallCWE-209 | 5.3 | Medium | 2025-03-12 |
| CVE-2024-8073 | Command Injection Vulnerability in Hillstone Networks Web Application Firewall — Hillstone Networks Web Application FirewallCWE-20 | 9.8 | Critical | 2024-08-26 |
This page lists every published CVE security advisory associated with Hillstone Networks. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.