PT-2016-6034 · Huawei · Secospace Usg6500+5
Published
2016-05-11
·
Updated
2016-11-28
·
CVE-2016-4577
CVSS v3.1
7.5
High
| Vector | AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Huawei NGFW Module and Secospace USG6300, USG6500, USG6600, and USG9500 firewalls with software before V500R001C20SPC100
USG series with software before V500R001C20SPC100
Description
The issue is related to a buffer overflow in the Smart DNS functionality, allowing remote attackers to cause a denial of service or execute arbitrary code via a crafted packet with
illegitimate parameters. This can be achieved by sending a malformed packet to the affected devices.Recommendations
For Huawei NGFW Module and Secospace USG6300, USG6500, USG6600, and USG9500 firewalls with software before V500R001C20SPC100, update to a version V500R001C20SPC100 or later.
For USG series with software before V500R001C20SPC100, update to a version V500R001C20SPC100 or later.
As a temporary workaround, consider restricting access to the Smart DNS function to minimize the risk of exploitation.
Fix
DoS
Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Huawei Ngfw Module
Huawei Vrp
Secospace Usg6300
Secospace Usg6500
Secospace Usg6600
Secospace Usg9500