Home Hacking News Numerous Vulnerabilities Found In Huawei Web Applications And Servers
Hacking NewsLatest Cyber Security News | Network Security HackingNewsVulnerabilities

Numerous Vulnerabilities Found In Huawei Web Applications And Servers

by Abeerah Hashim
written by Abeerah Hashim
Huawei web applications and servers

Security vulnerabilities can affect any IT infrastructure at any time. What counts here is how vigilant a firm remains to fix the flaws before exploit. Recently, researchers have spotted multiple vulnerabilities in Huawei web applications and servers. Exploiting these vulnerabilities could have affected the business continuity as well as information security.

Huawei Web Applications And Servers

Researchers from Swascan have discovered serious security flaws in Huawei’s IT infrastructure. These include critical vulnerabilities affecting Huawei web applications and servers. Researchers have elaborated their findings in a blog post.

The researchers found numerous vulnerabilities that could have directly affected Huawei operations. As stated in their blog,

A few vulnerabilities ranked as critical that, if exploited by Malicious Attackers or Cybercriminals, could have impacted business continuity, user’s data, and information security and the regular operation of their services.

While they haven’t specifically stated the vulnerabilities, they have hinted toward the kind of flaws they discovered via CWE categories. As reported, they found three main types of vulnerabilities affected Huawei web apps and servers. These include OS command injection (CWE-78), out-of-bounds read (CWE-125), and improper restriction of operations within the bounds of a memory buffer (CWE-119). Upon exploit, these vulnerabilities could have resulted in information disclosure, system crash, unauthenticated command execution, and other risks.

Huawei Patched The Flaws

Upon finding the vulnerabilities, Team Swascan approached Huawei to report the matter. Like their previous experienced with Lenovo, Microsoft, and Adobe, the researchers faced no difficulty in resolving the issues. As commented by Pierguido Iezzi, co-founder Swascan,

Our experience with Huawei shows that if these values are correctly understood they can be an additional backbone to create an effective and efficient Cyber Security Framework.

He also emphasized the importance of close collaboration with tech companies and cybersecurity experts.

In order to face the emerging threats of the Criminal hackers, a double action is necessary: on the company side, a secure IT infrastructure and a qualified staff is necessary, together with the skills and tools that only the experts of Cyber Security can give.

Let us know your thoughts in the comments.

Abeerah has been a passionate blogger for several years with a particular interest towards science and technology. She is crazy to know everything about the latest tech developments. Knowing and writing about cybersecurity, hacking, and spying has always enchanted her. When she is not writing, what else can be a better pastime than web surfing and staying updated about the tech world! Reach out to me at: [email protected]

You may also like

Xiid SealedTunnel: Unfazed by Yet Another Critical Firewall...

Personal Data Exposed in Massive Global Hack: Understanding...

Guardz Welcomes SentinelOne as Strategic Partner and Investor...

Invision Community Vulnerabilities Risk E-Commerce Websites

Microsoft April Patch Tuesday Fixes Dozens of RCE...

Match Systems publishes report on the consequences of...

Cypago Announces New Automation Support for AI Security...

LayerSlider WordPress Plugin Vulnerability Affected Thousands Of Websites

OWASP Disclosed Data Breach Affecting Old Members

Center Identity Launches Patented Passwordless Authentication for Businesses