CVE-2020-9086
MEDIUMHuawei B612 Firmware - Unauthenticated Buffer Overflow via UPNP Message
Title source: llmDescription
There is a buffer error vulnerability in some Huawei product. An unauthenticated attacker may send special UPNP message to the affected products. Due to insufficient input validation of some value, successful exploit may cause some service abnormal. (Vulnerability ID: HWPSIRT-2017-08234) This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2020-9086.
References (1)
Core 1
Core References
Scores
CVSS v3
4.3
EPSS
0.0005
EPSS Percentile
16.7%
Attack Vector
ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-787
CWE-124
Status
published
Products (3)
huawei/b612_firmware
b612s-25dtcpu-v100r001b192d03sp00c234
huawei/b612_firmware
b612s-25dtcpu-v100r001b192d03sp00c287
huawei/b612_firmware
b612s-25dtcpu-v100r001b192d05sp00c00
Published
Dec 27, 2024
Tracked Since
Feb 18, 2026