CVE-2017-17132

CWE-134 — Uncontrolled Format String3 documents3 sources

Severity

5.5MEDIUM

EPSS

0.0%

top 94.32%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Huawei Technologies Co., Ltd. Vp9660 Huawei Vp9660 Firmware

Timeline

PublishedMar 5

Latest updateMay 14

Description

Huawei VP9660 V500R002C10 has a uncontrolled format string vulnerability when the license module output the log information. An authenticated local attacker could exploit this vulnerability to cause a denial of service.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages2 packages

▶NVDhuawei/vp9660_firmwarev500r002c10

▶CVEListV5huawei_technologies_co.,_ltd./vp9660V500R002C10

🔴Vulnerability Details

GHSA

GHSA-78f6-722x-3325: Huawei VP9660 V500R002C10 has a uncontrolled format string vulnerability when the license module output the log information↗2022-05-14

▶

CVEList

CVE-2017-17132: Huawei VP9660 V500R002C10 has a uncontrolled format string vulnerability when the license module output the log information↗2018-03-05

▶