cbcvebase.
CVE-2017-17160
published 2018-02-15

CVE-2017-17160: Huawei AR120-S V200R006C10, V200R007C00, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C02, AR1200-S V200R006C10, V200R007C00, V200R008C20, AR150…

medium5.9CVSS 3.0
AVNACHPRNUINSUCNINAH
Huawei AR120-S V200R006C10, V200R007C00, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C02, AR1200-S V200R006C10, V200R007C00, V200R008C20, AR150 V200R006C10, V200R007C00, V200R007C02, AR150-S V200R006C10, V200R007C00, AR160 V200R006C10, V200R006C12, V200R007C00, V200R007C02, AR200 V200R006C10, V200R007C00, AR200-S V200R006C10, V200R007C00, AR2200 V200R006C10, V200R006C13, V200R006C16PWE, V200R007C00, V200R007C02, AR2200-S V200R006C10, V200R007C00, V200R008C20, AR3200 V200R006C10, V200R006C11, V200R007C00, V200R007C02, AR3600 V200R006C10, V200R007C00, AR510 V200R006C12, V200R006C13, V200R006C15, V200R006C16, V200R006C17, V200R007C00, NetEngine16EX V200R006C10, V200R007C00, SRG1300 V200R006C10, V200R007C00, V200R007C02, SRG2300 V200R006C10, V200R007C00, V200R007C02, SRG3300 V200R006C10, V200R007C00 have a buffer overflow vulnerability due to incomplete range checks of the input data. An unauthenticated, remote attacker could exploit this vulnerability by sending malicious IKE packets to the targeted device. An exploit could allow the attacker to cause the device to write out of bound and restart.

Affected

51 ranges· showing 25
VendorProductVersion rangeFixed in
huaweiar120-s_firmware
huaweiar120-s_firmware
huaweiar1200-s_firmware
huaweiar1200-s_firmware
huaweiar1200-s_firmware
huaweiar1200_firmware
huaweiar1200_firmware
huaweiar1200_firmware
huaweiar1200_firmware
huaweiar150-s_firmware
huaweiar150-s_firmware
huaweiar150_firmware
huaweiar150_firmware
huaweiar150_firmware
huaweiar160_firmware
huaweiar160_firmware
huaweiar160_firmware
huaweiar160_firmware
huaweiar200-s_firmware
huaweiar200-s_firmware
huaweiar200_firmware
huaweiar200_firmware
huaweiar2200-s_firmware
huaweiar2200-s_firmware
huaweiar2200-s_firmware