PT-2016-5849 · Huawei · Huawei S12700+2

Published

2016-04-27

Updated

2016-05-25

CVE-2016-4087

CVSS v3.1

8.1

High

Vector

AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Huawei S12700 switches versions prior to V200R008C00SPC500 Huawei S5700 switches versions prior to V200R005SPH010

Description The issue is related to an input validation vulnerability that can be exploited when the debug switch is enabled on the device. An attacker with network access can craft malformed DNS packets and send them to the target device, potentially causing a denial of service or allowing remote code execution.

Recommendations For Huawei S12700 switches versions prior to V200R008C00SPC500, update to V200R008C00SPC500 or later to resolve the issue. For Huawei S5700 switches versions prior to V200R005SPH010, update to V200R005SPH010 or later to resolve the issue. As a temporary workaround, consider disabling the debug switch on the devices until a patch is available.

Fix

RCE

DoS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

CVE-2016-4087

Affected Products

Huawei S12700

Huawei S5700

Huawei Vrp

PT-2016-5849 · Huawei · Huawei S12700+2

CVE-2016-4087

Weakness Enumeration

Related Identifiers

Affected Products

References · 3