PT-2015-7304 · Huawei · Huawei Wlan Ac6005+3

Published

2015-09-09

Updated

2017-06-07

CVE-2015-6586

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions Huawei WLAN AC6005 versions prior to V200R006C00SPC100 Huawei WLAN AC6605 versions prior to V200R006C00SPC100 Huawei WLAN ACU2 versions prior to V200R006C00SPC100

Description The issue concerns the mDNS module in Huawei WLAN AC products, which fails to restrict processing of mDNS unicast queries to the link local network. This allows remote attackers to obtain sensitive information by sending mDNS unicast queries from outside the link local network, such as the WAN.

Recommendations For Huawei WLAN AC6005 versions prior to V200R006C00SPC100, update to version V200R006C00SPC100 or later. For Huawei WLAN AC6605 versions prior to V200R006C00SPC100, update to version V200R006C00SPC100 or later. For Huawei WLAN ACU2 versions prior to V200R006C00SPC100, update to version V200R006C00SPC100 or later.

Fix

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-200

Related Identifiers

CVE-2015-6586

Affected Products

Huawei Vrp

Huawei Wlan Ac6005

Huawei Wlan Ac6605

Huawei Wlan Acu2

PT-2015-7304 · Huawei · Huawei Wlan Ac6005+3

CVE-2015-6586

Weakness Enumeration

Related Identifiers

Affected Products

References · 5