CVE-2016-8786
HIGHHuawei S12700 S5700 S6700 S7700 S9700 Firmware - Denial of Service via Malformed RSVP Packet
Title source: llmDescription
Huawei S12700 V200R005C00, V200R006C00, V200R007C00, V200R008C00, S5700 V200R006C00, V200R007C00, V200R008C00, S6700 V200R008C00, S7700 V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00, S9700 V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00 have a denial of service (DoS) vulnerability. Due to the lack of input validation, a remote attacker may craft a malformed Resource Reservation Protocol (RSVP) packet and send it to the device, causing a few buffer overflows and occasional device restart.
References (2)
Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/95139
Vendor Advisory x_refsource_confirm
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161228-01-rsvp-en
Scores
CVSS v3
7.5
EPSS
0.0022
EPSS Percentile
44.6%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-20
Status
published
Products (22)
huawei/s12700_firmware
v200r005c00
huawei/s12700_firmware
v200r006c00
huawei/s12700_firmware
v200r007c00
huawei/s12700_firmware
v200r008c00
huawei/s5700_firmware
v200r006c00
huawei/s5700_firmware
v200r007c00
huawei/s5700_firmware
v200r008c00
huawei/s6700_firmware
v200r008c00
huawei/s7700_firmware
v200r001c00
huawei/s7700_firmware
v200r002c00
... and 12 more
Published
Mar 09, 2018
Tracked Since
Feb 18, 2026