PT-2016-3095 · Huawei · Huawei Ar3200+1

Published

2016-07-13

Updated

2017-03-27

CVE-2016-6206

CVSS v3.1

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Huawei AR3200 routers versions prior to V200R007C00SPC600

Description The issue is caused by insufficient input validation in the software of Huawei AR3200 routers. This allows a remote attacker to send a crafted packet to the device, potentially causing a denial of service or executing arbitrary code. An exploit could allow the attacker to cause a Denial of Service or remote code execution via a malformed packet.

Recommendations For versions prior to V200R007C00SPC600, update to V200R007C00SPC600 or later to resolve the issue. As a temporary workaround, consider restricting access to the router to minimize the risk of exploitation.

Fix

RCE

DoS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

BDU:2017-00756

CVE-2016-6206

Affected Products

Huawei Ar3200

Huawei Vrp

PT-2016-3095 · Huawei · Huawei Ar3200+1

CVE-2016-6206

Weakness Enumeration

Related Identifiers

Affected Products

References · 5