PT-2017-7283 · Huawei · E3272S

Kirill Nesterov

Published

2017-04-02

Updated

2017-04-11

CVE-2015-7847

CVSS v2.0

4.9

Medium

Vector

AV:L/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions Huawei MBB product E3272s versions earlier than E3272s-153TCPU-V200R002B491D09SP00C00

Description The issue allows an attacker to send a malicious packet to the Common Gateway Interface (CGI) of a target device, causing it to fail while setting the port attribute. This results in a Denial of Service (DoS) attack.

Recommendations For versions earlier than E3272s-153TCPU-V200R002B491D09SP00C00, update to version E3272s-153TCPU-V200R002B491D09SP00C00 or later to resolve the issue. As a temporary workaround, consider restricting access to the CGI to minimize the risk of exploitation.

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

CVE-2015-7847

Affected Products

E3272S

PT-2017-7283 · Huawei · E3272S

CVE-2015-7847

Weakness Enumeration

Related Identifiers

Affected Products

References · 2