CVE-2016-9494

MEDIUM

Hughes HN7740S DW7000 HN7000S/SM Firmware - Denial of Service via Malformed GET Request

Title source: llm
STIX 2.1

Description

Hughes high-performance broadband satellite modems, models HN7740S DW7000 HN7000S/SM, are potentially vulnerable to improper input validation. The device's advanced status web page that is linked to from the basic status web page does not appear to properly parse malformed GET requests. This may lead to a denial of service.

References (2)

Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
https://www.securityfocus.com/bid/96244
Third Party Advisory, US Government Resource third-party-advisory x_refsource_cert-vn
https://www.kb.cert.org/vuls/id/614751

Scores

CVSS v3 6.5
EPSS 0.0075
EPSS Percentile 50.5%
Attack Vector ADJACENT_NETWORK
CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

CWE
CWE-20
Status published
Products (4)
hughes/dw7000_firmware 6.9.0.34
hughes/hn7000s_firmware 6.9.0.34
hughes/hn7000sm_firmware 6.9.0.34
hughes/hn7740s_firmware 6.9.0.34
Published Jul 13, 2018
Tracked Since Feb 18, 2026