PT-2017-15487 · Huawei · Huawei Ac6605+2
Published
2017-05-17
·
Updated
2019-10-03
·
CVE-2017-2700
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Huawei AC6005 versions V200R006C10
Huawei AC6605 versions V200R006C10
Description
The issue is related to a lack of adequate input validation, allowing an attacker to send malformed packets to the device. This results in device memory leaks, leading to potential DoS attacks.
Recommendations
For Huawei AC6005 version V200R006C10, update the software to a version that addresses the input validation issue.
For Huawei AC6605 version V200R006C10, update the software to a version that addresses the input validation issue.
As a temporary workaround, consider restricting access to the device to minimize the risk of exploitation.
Fix
DoS
Missing Release of Resource after Effective Lifetime
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Huawei Ac6005
Huawei Ac6605
Huawei Vrp