CVE-2016-8781

Huawei Secospace USG6300 with software V500R001C20 and V500R001C20SPC200PWE, Secospace USG6500 with software V500R001C20, Secospace USG6600 with software V500R001C20 and V500R001C20SPC200PWE allow remote attackers with specific permission to log in to a device and deliver a large number of unspecified commands to exhaust memory, causing a DoS condition.

Published: Apr 2, 2017
Updated: Apr 13, 2023
CVE: CVE-2016-8781
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 6.5
AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CVSS v2:

Severity: Low
Score: 4
AV:N/AC:L/Au:S/C:N/I:N/A:P

CWEs:

CWE-399

Affected Software
References

Software	From	Fixed in
huawei / secospace_usg6300_firmware	500r001c20	500r001c20.x
huawei / secospace_usg6300_firmware	500r001c20spc200pwe	500r001c20spc200pwe.x
huawei / secospace_usg6500_firmware	500r001c20	500r001c20.x
huawei / secospace_usg6600_firmware	500r001c20	500r001c20.x
huawei / secospace_usg6600_firmware	500r001c20spc200pwe	500r001c20spc200pwe.x

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161214-01-firewall-en
http://www.securityfocus.com/bid/94927

Vulnerability Database

289,599

CVE-2016-8781