CVE-2016-4576
CRITICALHuawei IPS/NGFW/NIP6300/NIP6600/USG6300/USG6500/USG6600/USG9500/AntiDDoS8000 Buffer Overflow via ASPF Packet
Title source: llmDescription
Buffer overflow in the Application Specific Packet Filtering (ASPF) functionality in the Huawei IPS Module, NGFW Module, NIP6300, NIP6600, Secospace USG6300, USG6500, USG6600, USG9500, and AntiDDoS8000 devices with software before V500R001C20SPC100 allows remote attackers to cause a denial of service or execute arbitrary code via a crafted packet, related to "illegitimate parameters."
References (2)
Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/90530
Vendor Advisory x_refsource_confirm
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160511-01-aspf-en
Scores
CVSS v3
9.8
EPSS
0.0235
EPSS Percentile
85.1%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-119
Status
published
Products (9)
huawei/ips_module_firmware
v500r001c00
huawei/ngfw_module_firmware
v500r001c00
huawei/nip6300_firmware
v500r001c00
huawei/nip6600_firmware
v500r001c00
huawei/secospace_antiddos8000_firmware
v500r001c00
huawei/secospace_usg6300_firmware
v500r001c00
huawei/secospace_usg6500_firmware
v500r001c00
huawei/secospace_usg6600_firmware
v500r001c00
huawei/usg9500_firmware
v500r001c00
Published
May 23, 2016
Tracked Since
Feb 18, 2026