PT-2016-3095 · Huawei · Huawei Ar3200+1

Publicado

2016-07-13

Atualizado

2017-03-27

CVE-2016-6206

CVSS v3.1

Crítica

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Huawei AR3200 routers versions prior to V200R007C00SPC600

Description The issue is caused by insufficient input validation in the software of Huawei AR3200 routers. This allows a remote attacker to send a crafted packet to the device, potentially causing a denial of service or executing arbitrary code. An exploit could allow the attacker to cause a Denial of Service or remote code execution via a malformed packet.

Recommendations For versions prior to V200R007C00SPC600, update to V200R007C00SPC600 or later to resolve the issue. As a temporary workaround, consider restricting access to the router to minimize the risk of exploitation.

Correção

RCE

DoS

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-20

Identificadores relacionados

BDU:2017-00756

CVE-2016-6206

Produtos afetados

Huawei Ar3200

Huawei Vrp

PT-2016-3095 · Huawei · Huawei Ar3200+1

CVE-2016-6206

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 5