PT-2017-15487 · Huawei · Huawei Ac6605+2
Publicado
2017-05-17
·
Atualizado
2019-10-03
·
CVE-2017-2700
CVSS v3.1
7.5
Alta
| Vetor | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Huawei AC6005 versions V200R006C10
Huawei AC6605 versions V200R006C10
Description
The issue is related to a lack of adequate input validation, allowing an attacker to send malformed packets to the device. This results in device memory leaks, leading to potential DoS attacks.
Recommendations
For Huawei AC6005 version V200R006C10, update the software to a version that addresses the input validation issue.
For Huawei AC6605 version V200R006C10, update the software to a version that addresses the input validation issue.
As a temporary workaround, consider restricting access to the device to minimize the risk of exploitation.
Correção
DoS
Missing Release of Resource after Effective Lifetime
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Huawei Ac6005
Huawei Ac6605
Huawei Vrp