Vulnerability Database

309,587

Total vulnerabilities in the database

CVE-2016-6901

Format string vulnerability in Huawei AR100, AR120, AR150, AR200, AR500, AR550, AR1200, AR2200, AR2500, AR3200, and AR3600 routers with software before V200R007C00SPC900 and NetEngine 16EX routers with software before V200R007C00SPC900 allows remote authenticated users to cause a denial of service via format string specifiers in vectors involving partial commands.

Published: Sep 26, 2016
Updated: Nov 9, 2025
CVE: CVE-2016-6901
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 6.8
AV:N/AC:L/Au:S/C:N/I:N/A:C

CWEs:

CWE-20

Affected Software
References

Software	From	Fixed in
huawei / ar_firmware	200r005	200r005.x
huawei / ar_firmware	200r006	200r006.x
huawei / ar_firmware	200r007c00	200r007c00.x
huawei / netengine_16ex_firmware	200r005	200r005.x
huawei / netengine_16ex_firmware	200r006	200r006.x
huawei / netengine_16ex_firmware	200r007c00	200r007c00.x

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo