CVE-2017-17151

CWE-20Improper Input Validation3 documents3 sources
Severity
5.9MEDIUM
EPSS
0.1%
top 67.62%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
30
Huawei Ar100-s FirmwareHuawei Ar100 FirmwareHuawei Ar110-s Firmware+27 more
Timeline
PublishedFeb 15
Latest updateMay 14

Description

Huawei AR100, AR100-S, AR110-S, AR120, AR120-S, AR1200, AR1200-S, AR150, AR150-S, AR160, AR200, AR200-S, AR2200, AR2200-S, AR3200, AR510, DP300, NetEngine16EX, RP200, SRG1300, SRG2300, SRG3300, TE30, TE40, TE50, TE60, TP3106, TP3206, ViewPoint 8660, and ViewPoint 9030 have an insufficient validation vulnerability. Since packet validation is insufficient, an unauthenticated attacker may send special H323 packets to exploit the vulnerability. Successful exploit could allow the attacker to send mal

CVSS vector

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 2.2 | Impact: 3.6

Affected Packages30 packages

NVDhuawei/ar1200_firmware25 versions+24
NVDhuawei/ar1200-s_firmware13 versions+12
NVDhuawei/viewpoint_8660_firmware19 versions+18
NVDhuawei/viewpoint_9030_firmware15 versions+14
NVDhuawei/ar100_firmware5 versions+4

🔴Vulnerability Details

2
GHSA
GHSA-qg78-79j4-jwpv: Huawei AR100, AR100-S, AR110-S, AR120, AR120-S, AR1200, AR1200-S, AR150, AR150-S, AR160, AR200, AR200-S, AR2200, AR2200-S, AR3200, AR510, DP300, NetEn2022-05-14
CVEList
CVE-2017-17151: Huawei AR100, AR100-S, AR110-S, AR120, AR120-S, AR1200, AR1200-S, AR150, AR150-S, AR160, AR200, AR200-S, AR2200, AR2200-S, AR3200, AR510, DP300, NetEn2018-02-15