Taurus Al00A Firmware
CVE-2021-22304
LOW
Severity by source
AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
Lifecycle Timeline
1DescriptionNVD
There is a use after free vulnerability in Taurus-AL00A 10.0.0.1(C00E1R1P1). A module may refer to some memory after it has been freed while dealing with some messages. Attackers can exploit this vulnerability by sending specific message to the affected module. This may lead to module crash, compromising normal service.
AnalysisAI
There is a use after free vulnerability in Taurus-AL00A 10.0.0.1(C00E1R1P1). Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified as Use After Free (CWE-416), which allows attackers to access freed memory to execute arbitrary code or crash the application. There is a use after free vulnerability in Taurus-AL00A 10.0.0.1(C00E1R1P1). A module may refer to some memory after it has been freed while dealing with some messages. Attackers can exploit this vulnerability by sending specific message to the affected module. This may lead to module crash, compromising normal service. Affected products include: Huawei Taurus-Al00A Firmware.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Use smart pointers or garbage-collected languages. Set pointers to NULL after freeing. Enable memory sanitizers.
More in Taurus Al00A Firmware
View allSome Huawei products have an inconsistent interpretation of HTTP requests vulnerability. Rated high severity (CVSS 7.5),
There is an out-of-bound read vulnerability in Taurus-AL00A 10.0.0.1(C00E1R1P1). Rated high severity (CVSS 7.1), this vu
There is a use after free vulnerability in Taurus-AL00A versions 10.0.0.1(C00E1R1P1). Rated medium severity (CVSS 5.5),
Taurus-AL00A version 10.0.0.1(C00E1R1P1) has an out-of-bounds read vulnerability in XFRM module. Rated medium severity (
There is a pointer double free vulnerability in Taurus-AL00A 10.0.0.1(C00E1R1P1). Rated low severity (CVSS 3.3), this vu
Same weakness CWE-416 – Use After Free
View allSame technique Use After Free
View allShare
External POC / Exploit Code
Leaving vuln.today