CVE-2016-9494

Name of the Vulnerable Software and Affected Versions Hughes high-performance broadband satellite modems, models HN7740S DW7000 HN7000S/SM

Description The issue is related to improper input validation. Specifically, the advanced status web page, which is linked to from the basic status web page, does not properly parse malformed GET requests, such as "/api/advanced status". This may lead to a denial of service.

Recommendations For Hughes high-performance broadband satellite modems, models HN7740S DW7000 HN7000S/SM, consider restricting access to the advanced status web page until a proper fix is available. As a temporary workaround, avoid using malformed GET requests to the affected web page. At the moment, there is no information about a newer version that contains a fix for this vulnerability.