CVE-2016-6178
CRITICALHuawei NE40E/CX600 <V800R007SPH017, PTN 6900-2-M8 <V800R007SPH019, ...
Title source: llmDescription
Huawei NE40E and CX600 devices with software before V800R007SPH017; PTN 6900-2-M8 devices with software before V800R007SPH019; NE5000E devices with software before V800R006SPH018; and CloudEngine devices 12800 with software before V100R003SPH010 and V100R005 before V100R005SPH006 allow remote attackers with control plane access to cause a denial of service or execute arbitrary code via a crafted packet.
References (2)
Core 2
Core References
Vendor Advisory x_refsource_confirm
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160713-01-multicast-ldp-fec-stack-en
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/91772
Scores
CVSS v3
9.8
EPSS
0.0132
EPSS Percentile
80.1%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-20
Status
published
Products (15)
huawei/cloudengine_12800_firmware
v100r003c00
huawei/cloudengine_12800_firmware
v100r003c10
huawei/cloudengine_12800_firmware
v100r005c00
huawei/cloudengine_12800_firmware
v100r005c10
huawei/cx600_firmware
v600r008c20
huawei/cx600_firmware
v800r006c00
huawei/cx600_firmware
v800r006c20
huawei/cx600_firmware
v800r007c00
huawei/ne40e_firmware
v600r008c20
huawei/ne40e_firmware
v800r006c00
... and 5 more
Published
Aug 02, 2016
Tracked Since
Feb 18, 2026