CVE-2017-17318
MEDIUMHuawei E5771h-937 Firmware < v200r001b329d05sp00c1308 - Denial of Service via HTTP Request
Title source: llmDescription
Huawei MBB (Mobile Broadband) products E5771h-937 with the versions before E5771h-937TCPU-V200R001B328D62SP00C1133 and the versions before E5771h-937TCPU-V200R001B329D05SP00C1308 have a Denial of Service (DoS) vulnerability. When an attacker accessing device sends special http request to device, the webserver process will try to apply too much memory which can cause the device to become unable to respond. An attacker can launch a DoS attack by exploiting this vulnerability.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_confirm
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180428-01-mbb-en
Scores
CVSS v3
6.5
EPSS
0.0005
EPSS Percentile
14.8%
Attack Vector
ADJACENT_NETWORK
CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-20
Status
published
Products (1)
huawei/e5771h-937_firmware
< v200r001b329d05sp00c1308
Published
Apr 30, 2018
Tracked Since
Feb 18, 2026