CVE-2017-17200

CWE-125 — Out-of-bounds Read3 documents3 sources

Severity

5.9MEDIUM

EPSS

0.3%

top 50.73%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Huawei Dp300 Firmware Huawei Rp200 Firmware Huawei Te30 Firmware +3 more

Timeline

PublishedMar 9

Latest updateMay 14

Description

Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have an out-of-bounds read vulnerability due to the improper processing of malformed H323 messages. A remote attacker that controls a server could exploit this vulnerability by sending malformed H323 reply messages to a target device. Successful exploit could make the device read out of bound…

CVSS vector

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 2.2 | Impact: 3.6

Affected Packages6 packages

▶NVDhuawei/te30_firmwarev100r001c10, v500r002c00, v600r006c00+2

▶NVDhuawei/te40_firmwarev500r002c00, v600r006c00+1

▶NVDhuawei/te50_firmwarev500r002c00, v600r006c00+1

▶NVDhuawei/te60_firmwarev100r001c10, v500r002c00, v600r006c00+2

▶NVDhuawei/dp300_firmwarev500r002c00

🔴Vulnerability Details

GHSA

GHSA-7537-h7wh-g7v7: Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00;↗2022-05-14

▶

CVEList

CVE-2017-17200: Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00;↗2018-03-09

▶