PT-2016-7570 · Huawei · Huawei Usg9520+3
Published
2016-11-16
·
Updated
2017-04-05
·
CVE-2016-8796
CVSS v2.0
7.8
High
| Vector | AV:N/AC:L/Au:N/C:N/I:N/A:C |
Name of the Vulnerable Software and Affected Versions
Huawei USG9520 version V300R001C01
Huawei USG9560 version V300R001C01
Huawei USG9580 version V300R001C01
Description
The issue is related to a denial of service (DoS) condition that can be triggered by sending abnormal DHCP request packets to the affected products. This can be done by unauthenticated attackers due to improper validation of specific fields in the DHCP message. Successful exploitation could lead to a DoS condition.
Recommendations
For Huawei USG9520 version V300R001C01, update the software to a version that properly validates DHCP request packets.
For Huawei USG9560 version V300R001C01, update the software to a version that properly validates DHCP request packets.
For Huawei USG9580 version V300R001C01, update the software to a version that properly validates DHCP request packets.
Fix
DoS
RCE
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Huawei Usg9520
Huawei Usg9560
Huawei Usg9580
Huawei Vrp