CVE-2017-17166
published 2018-02-15CVE-2017-17166: Huawei DP300 V500R002C00, Secospace USG6300 V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6500 V500R001C00, V500R001C20, V500R001C30…
medium5.3CVSS 3.0
AVNACLPRNUINSUCNINAL
Huawei DP300 V500R002C00, Secospace USG6300 V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6500 V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6600 V500R001C00, V500R001C20, V500R001C30, V500R001C50, TP3206 V100R002C00, VP9660 V500R002C00, V500R002C10 have a resource exhaustion vulnerability. The software does not process certain field of H.323 message properly, a remote unauthenticated attacker could send crafted H.323 message to the device, successful exploit could cause certain service unavailable since the stack memory is exhausted.
Affected
16 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| huawei | dp300_firmware | — | — |
| huawei | secospace_usg6300_firmware | — | — |
| huawei | secospace_usg6300_firmware | — | — |
| huawei | secospace_usg6300_firmware | — | — |
| huawei | secospace_usg6300_firmware | — | — |
| huawei | secospace_usg6500_firmware | — | — |
| huawei | secospace_usg6500_firmware | — | — |
| huawei | secospace_usg6500_firmware | — | — |
| huawei | secospace_usg6500_firmware | — | — |
| huawei | secospace_usg6600_firmware | — | — |
| huawei | secospace_usg6600_firmware | — | — |
| huawei | secospace_usg6600_firmware | — | — |
| huawei | secospace_usg6600_firmware | — | — |
| huawei | tp3206_firmware | — | — |
| huawei | vp9660_firmware | — | — |
| huawei | vp9660_firmware | — | — |