CVE-2017-17146: Buffer Overflow
First published: Fri Mar 09 2018(Updated: )
Huawei DP300 V500R002C00 have a buffer overflow vulnerability due to the lack of validation. An authenticated local attacker can craft specific XML files to the affected products and parse this file, which result in DoS attacks or remote code execution on the device.
Credit: psirt@huawei.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Huawei Dp300 Firmware | <=v500r002c00 | |
| Huawei DP300 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2017-17146?
CVE-2017-17146 refers to a buffer overflow vulnerability in Huawei DP300 V500R002C00.
What is the severity of CVE-2017-17146?
CVE-2017-17146 has a severity value of 7.8, which is considered high.
How does CVE-2017-17146 affect Huawei DP300 V500R002C00?
CVE-2017-17146 allows an authenticated local attacker to craft specific XML files that can result in DoS attacks or remote code execution on the affected Huawei DP300 V500R002C00 devices.
How can CVE-2017-17146 be exploited?
CVE-2017-17146 can be exploited by parsing crafted XML files that trigger a buffer overflow in Huawei DP300 V500R002C00.
Is Huawei DP300 V500R002C00 the only affected product?
Yes, Huawei DP300 V500R002C00 is the only affected product by CVE-2017-17146.
- collector/nvd-index
- vendor/huawei
- canonical/huawei dp300 firmware
- version/huawei dp300 firmware/v500r002c00
- canonical/huawei dp300