CVE-2016-5234Improper Restriction of Operations within the Bounds of a Memory Buffer in Huawei Rse6500 Firmware

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer3 documents3 sources
Severity
8.1HIGHNVD
EPSS
1.7%
top 17.84%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Huawei Rse6500 FirmwareHuawei Vp9600 Series Firmware
Timeline
PublishedJun 13
Latest updateMay 17

Description

Buffer overflow in Huawei VP9660, VP9650, and VP9630 multipoint control unit devices with software before V500R002C00SPC200 and RSE6500 videoconference devices with software before V500R002C00SPC100, when an unspecified service is enabled, allows remote attackers to execute arbitrary code via a crafted packet, aka HWPSIRT-2016-05054.

CVSS vector

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 2.2 | Impact: 5.9

Affected Packages2 packages

NVDhuawei/rse6500_firmwarev100r001c00
NVDhuawei/vp9600_series_firmwarev200r001c01, v200r001c02, v200r001c30+2

🔴Vulnerability Details

2
GHSA
GHSA-f65p-697p-wwf4: Buffer overflow in Huawei VP9660, VP9650, and VP9630 multipoint control unit devices with software before V500R002C00SPC200 and RSE6500 videoconferenc2022-05-17
CVEList
CVE-2016-5234: Buffer overflow in Huawei VP9660, VP9650, and VP9630 multipoint control unit devices with software before V500R002C00SPC200 and RSE6500 videoconferenc2016-06-13
CVE-2016-5234 — Huawei Rse6500 Firmware vulnerability | cvebase