CVE-2017-17299

CWE-20 — Improper Input Validation3 documents3 sources

Severity

7.5HIGH

EPSS

0.1%

top 64.81%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Huawei Ar120-s Firmware Huawei Ar1200-s Firmware Huawei Ar1200 Firmware +13 more

Timeline

PublishedFeb 15

Latest updateMay 14

Description

Huawei AR120-S V200R006C10, V200R007C00, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C02, AR1200-S V200R006C10, V200R007C00, V200R008C20, AR150 V200R006C10, V200R007C00, V200R007C02, AR150-S V200R006C10, V200R007C00, AR160 V200R006C10, V200R006C12, V200R007C00S, V200R007C02, AR200 V200R006C10, V200R007C00, AR200-S V200R006C10, V200R007C00, AR2200 V200R006C10, V200R006C13, V200R006C16, V200R007C00, V200R007C02, AR2200-S V200R006C10, V200R007C00, V200R008C20, AR3200 V200R006C10, V200R006…

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages16 packages

▶NVDhuawei/ar1200_firmware4 versions+3

▶NVDhuawei/ar1200-s_firmwarev200r006c10, v200r007c00, v200r008c20+2

▶NVDhuawei/ar150_firmwarev200r006c10, v200r007c00, v200r007c02+2

▶NVDhuawei/ar200_firmwarev200r006c10, v200r007c00+1

▶NVDhuawei/ar2200_firmware5 versions+4

🔴Vulnerability Details

GHSA

GHSA-g2g3-6w9c-4x86: Huawei AR120-S V200R006C10, V200R007C00, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C02, AR1200-S V200R006C10, V200R007C00, V200R008C20, AR↗2022-05-14

▶

CVEList

CVE-2017-17299: Huawei AR120-S V200R006C10, V200R007C00, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C02, AR1200-S V200R006C10, V200R007C00, V200R008C20, AR↗2018-02-15

▶