PT-2016-7566 · Huawei · Huawei S12700+5
Publicado
2016-12-28
·
Atualizado
2018-03-26
·
CVE-2016-8785
CVSS v3.1
4.3
Média
| Vetor | AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Huawei S12700 versions V200R007C00 through V200R008C00
Huawei S5700 version V200R007C00
Huawei S7700 versions V200R002C00 through V200R008C00
Huawei S9700 version V200R007C00
Description
There is an input validation issue in certain Huawei devices using VRP. Due to the lack of input validation, an attacker may craft a malformed packet and send it to the device using VRP, causing the device to display additional memory data and possibly leading to sensitive information leakage.
Recommendations
For Huawei S12700 versions V200R007C00 through V200R008C00, update to a version that includes input validation fixes.
For Huawei S5700 version V200R007C00, update to a version that includes input validation fixes.
For Huawei S7700 versions V200R002C00 through V200R008C00, update to a version that includes input validation fixes.
For Huawei S9700 version V200R007C00, update to a version that includes input validation fixes.
Correção
RCE
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Huawei S12700
Huawei S5700
Huawei S7700
Huawei S9700
Huawei Vrp
Vrp