Description
Huawei S12700 V200R008C00, V200R009C00, S5700 V200R007C00, V200R008C00, V200R009C00, S6700 V200R008C00, V200R009C00, S7700 V200R008C00, V200R009C00, S9700 V200R008C00, V200R009C00 have a numeric errors vulnerability. An unauthenticated, remote attacker may send specific TCP messages with keychain authentication option to the affected products. Due to the improper validation of the messages, it will cause numeric errors when handling the messages. Successful exploit will cause the affected products to reset.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_confirm
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171215-01-router-en
Scores
CVSS v3
7.5
EPSS
0.0042
EPSS Percentile
62.1%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-20
Status
published
Products (11)
huawei/s12700_firmware
v200r008c00
huawei/s12700_firmware
v200r009c00
huawei/s5700_firmware
v200r007c00
huawei/s5700_firmware
v200r008c00
huawei/s5700_firmware
v200r009c00
huawei/s6700_firmware
v200r008c00
huawei/s6700_firmware
v200r009c00
huawei/s7700_firmware
v200r008c00
huawei/s7700_firmware
v200r009c00
huawei/s9700_firmware
v200r008c00
... and 1 more
Published
Feb 15, 2018
Tracked Since
Feb 18, 2026