CVE-2019-5304

CWE-120Classic Buffer Overflow3 documents3 sources
Severity
7.5HIGH
EPSS
0.2%
top 52.72%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
26
Huawei Ar120-s FirmwareHuawei Ar1200-s FirmwareHuawei Ar1200 Firmware+23 more
Timeline
PublishedJan 3
Latest updateMay 24

Description

Some Huawei products have a buffer error vulnerability. An unauthenticated, remote attacker could send specific MPLS Echo Request messages to the target products. Due to insufficient input validation of some parameters in the messages, successful exploit may cause the device to reset.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages26 packages

NVDhuawei/ar150_firmware6 versions+5
NVDhuawei/ar160_firmware5 versions+4
NVDhuawei/ar200_firmware6 versions+5
NVDhuawei/s5700_firmware8 versions+7
NVDhuawei/s6700_firmware6 versions+5

🔴Vulnerability Details

2
GHSA
GHSA-g2v6-85vj-6rw8: Some Huawei products have a buffer error vulnerability2022-05-24
CVEList
CVE-2019-5304: Some Huawei products have a buffer error vulnerability2020-01-03