CVE-2017-17287

Name of the Vulnerable Software and Affected Versions: Huawei AR120-S versions V200R005C32 through V200R008C30 Huawei AR1200 versions V200R005C32 through V200R008C30 Huawei AR1200-S versions V200R005C32 through V200R008C30 Huawei AR150 versions V200R005C32 through V200R008C30 Huawei AR150-S versions V200R005C32 through V200R008C30 Huawei AR160 versions V200R005C32 through V200R008C30 Huawei AR200 versions V200R005C32 through V200R008C30 Huawei AR200-S versions V200R005C32 through V200R008C30 Huawei AR2200 versions V200R006C10 through V200R008C30 Huawei AR2200-S versions V200R005C32 through V200R008C30 Huawei AR3200 versions V200R005C32 through V200R008C30 Huawei AR3600 versions V200R006C10 through V200R008C20 Huawei AR510 versions V200R005C32 through V200R008C30 Huawei NetEngine16EX versions V200R005C32 through V200R008C30 Huawei SRG1300 versions V200R005C32 through V200R008C30 Huawei SRG2300 versions V200R005C32 through V200R008C30 Huawei SRG3300 versions V200R005C32 through V200R008C30

Description: The issue is an out-of-bound read vulnerability due to insufficient input validation. A remote, unauthenticated attacker may send a crafted signature to the affected products, potentially causing a buffer overflow and services to become abnormal.

Recommendations: For Huawei AR120-S versions V200R005C32 through V200R008C30, consider disabling the vulnerable function until a patch is available. For Huawei AR1200 versions V200R005C32 through V200R008C30, restrict access to the vulnerable module to minimize the risk of exploitation. For Huawei AR1200-S versions V200R005C32 through V200R008C30, avoid using the vulnerable parameter in the affected API endpoint until the issue is resolved. For Huawei AR150 versions V200R005C32 through V200R008C30, consider applying configuration changes to mitigate the risk. For Huawei AR150-S versions V200R005C32 through V200R008C30, restrict access to the vulnerable module to minimize the risk of exploitation. For Huawei AR160 versions V200R005C32 through V200R008C30, consider disabling the vulnerable function until a patch is available. For Huawei AR200 versions V200R005C32 through V200R008C30, avoid using the vulnerable parameter in the affected API endpoint until the issue is resolved. For Huawei AR200-S versions V200R005C32 through V200R008C30, consider applying configuration changes to mitigate the risk. For Huawei AR2200 versions V200R006C10 through V200R008C30, restrict access to the vulnerable module to minimize the risk of exploitation. For Huawei AR2200-S versions V200R005C32 through V200R008C30, consider disabling the vulnerable function until a patch is available. For Huawei AR3200 versions V200R005C32 through V200R008C30, avoid using the vulnerable parameter in the affected API endpoint until the issue is resolved. For Huawei AR3600 versions V200R006C10 through V200R008C20, consider applying configuration changes to mitigate the risk. For Huawei AR510 versions V200R005C32 through V200R008C30, restrict access to the vulnerable module to minimize the risk of exploitation. For Huawei NetEngine16EX versions V200R005C32 through V200R008C30, consider disabling the vulnerable function until a patch is available. For Huawei SRG1300 versions V200R005C32 through V200R008C30, avoid using the vulnerable parameter in the affected API endpoint until the issue is resolved. For Huawei SRG2300 versions V200R005C32 through V200R008C30, consider applying configuration changes to mitigate the risk. For Huawei SRG3300 versions V200R005C32 through V200R008C30, restrict access to the vulnerable module to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.