CVE-2017-15354

MEDIUM

Huawei DP300, RP200, TE30, TE40, TE50, TE60, TX50 Firmware - Buffer Overflow via HTTP Message Parameters

Title source: llm
STIX 2.1

Description

Huawei DP300, V500R002C00, RP200, V600R006C00, TE30, V100R001C10, V500R002C00,V600R006C00, TE40, V500R002C00, V600R006C00, TE50, V500R002C00,V600R006C00, TE60, V100R001C10, V500R002C00, V600R006C00, TX50,V500R002C00, V600R006C00 have a buffer overflow vulnerability. An attacker may send specially crafted HTTP messages to the affected products. Due insufficient input validation of three different parameters in the messages, successful exploit may cause some service abnormal.

References (1)

Core 1
Core References

Scores

CVSS v3 5.3
EPSS 0.0027
EPSS Percentile 50.1%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Details

CWE
CWE-119
Status published
Products (14)
huawei/dp300_firmware v500r002c00
huawei/rp200_firmware v600r006c00
huawei/te30_firmware v100r001c10
huawei/te30_firmware v500r002c00
huawei/te30_firmware v600r006c00
huawei/te40_firmware v500r002c00
huawei/te40_firmware v600r006c00
huawei/te50_firmware v500r002c00
huawei/te50_firmware v600r006c00
huawei/te60_firmware v100r001c10
... and 4 more
Published Feb 15, 2018
Tracked Since Feb 18, 2026