Resource Exhaustion Vulnerability in Huawei and Secospace USG Devices

Resource Exhaustion Vulnerability in Huawei and Secospace USG Devices

CVE-2017-17166 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:N/A:P

Huawei DP300 V500R002C00, Secospace USG6300 V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6500 V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6600 V500R001C00, V500R001C20, V500R001C30, V500R001C50, TP3206 V100R002C00, VP9660 V500R002C00, V500R002C10 have a resource exhaustion vulnerability. The software does not process certain field of H.323 message properly, a remote unauthenticated attacker could send crafted H.323 message to the device, successful exploit could cause certain service unavailable since the stack memory is exhausted.

Learn more about our Web Application Penetration Testing UK.