critical
9.8
CWE
20
Advisory Published
Updated

CVE-2016-6178: Input Validation

First published: Tue Aug 02 2016(Updated: )

Huawei NE40E and CX600 devices with software before V800R007SPH017; PTN 6900-2-M8 devices with software before V800R007SPH019; NE5000E devices with software before V800R006SPH018; and CloudEngine devices 12800 with software before V100R003SPH010 and V100R005 before V100R005SPH006 allow remote attackers with control plane access to cause a denial of service or execute arbitrary code via a crafted packet.

Credit: cve@mitre.org

Affected SoftwareAffected VersionHow to fix
Huawei NE5000E firmware=v800r006c00
Huawei NE Router Software
Huawei CloudEngine 12800=v100r003c00
Huawei CloudEngine 12800=v100r003c10
Huawei CloudEngine 12800=v100r005c00
Huawei CloudEngine 12800=v100r005c10
Huawei CloudEngine 12800
Huawei PTN 6900-2-M8=v800r007c00
Huawei PTN 6900-2-M8 firmware
Huawei CX600 Firmware=v600r008c20
Huawei CX600 Firmware=v800r006c00
Huawei CX600 Firmware=v800r006c20
Huawei CX600 Firmware=v800r007c00
Huawei CX600 firmware
Huawei NE40E Firmware=v600r008c20
Huawei NE40E Firmware=v800r006c00
Huawei NE40E Firmware=v800r006c20
Huawei NE40E Firmware=v800r006c30
Huawei NE40E Firmware=v800r007c00
Huawei NE40E firmware

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is the severity of CVE-2016-6178?

    CVE-2016-6178 has a high severity rating due to the potential for remote attacks on affected devices.

  • How do I fix CVE-2016-6178?

    To fix CVE-2016-6178, upgrade your Huawei NE40E, CX600, NE5000E, PTN 6900-2-M8, or CloudEngine 12800 devices to the patched firmware versions provided by Huawei.

  • Which devices are affected by CVE-2016-6178?

    CVE-2016-6178 affects Huawei NE40E, CX600, NE5000E, PTN 6900-2-M8, and CloudEngine 12800 devices running specific vulnerable firmware versions.

  • What types of attacks are possible with CVE-2016-6178?

    CVE-2016-6178 allows remote attackers to execute unauthorized actions on the vulnerable devices.

  • Is there an official advisory for CVE-2016-6178?

    Yes, there is an official Huawei security advisory detailing the CVE-2016-6178 vulnerability and recommended mitigations.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203