CVE-2017-17282

Name of the Vulnerable Software and Affected Versions: Huawei DP300 versions V500R002C00 Huawei RP200 versions V500R002C00, V600R006C00 Huawei TE30 versions V100R001C10, V500R002C00, V600R006C00 Huawei TE40 versions V500R002C00, V600R006C00 Huawei TE50 versions V500R002C00, V600R006C00 Huawei TE60 versions V100R001C10, V500R002C00, V600R006C00

Description: The issue is related to a buffer overflow in the SCCP module. An attacker needs to send malformed packets to the affected products repeatedly, exploiting insufficient input validation. Successful exploitation may cause service abnormalities.

Recommendations: For Huawei DP300 version V500R002C00, update to a version that fixes the buffer overflow vulnerability in the SCCP module. For Huawei RP200 versions V500R002C00, V600R006C00, update to a version that fixes the buffer overflow vulnerability in the SCCP module. For Huawei TE30 versions V100R001C10, V500R002C00, V600R006C00, update to a version that fixes the buffer overflow vulnerability in the SCCP module. For Huawei TE40 versions V500R002C00, V600R006C00, update to a version that fixes the buffer overflow vulnerability in the SCCP module. For Huawei TE50 versions V500R002C00, V600R006C00, update to a version that fixes the buffer overflow vulnerability in the SCCP module. For Huawei TE60 versions V100R001C10, V500R002C00, V600R006C00, update to a version that fixes the buffer overflow vulnerability in the SCCP module.