CVE-2017-17166
Huawei DP300 V500R002C00, Secospace USG6300 V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6500 V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6600 V500R001C00, V500R001C20, V500R001C30, V500R001C50, TP3206 V100R002C00, VP9660 V500R002C00, V500R002C10 have a resource exhaustion vulnerability. The software does not process certain field of H.323 message properly, a remote unauthenticated attacker could send crafted H.323 message to the device, successful exploit could cause certain service unavailable since the stack memory is exhausted.
| Software | From | Fixed in |
|---|---|---|
| huawei / dp300_firmware | 500r002c00 | 500r002c00.x |
| huawei / secospace_usg6300_firmware | 500r001c00 | 500r001c00.x |
| huawei / secospace_usg6300_firmware | 500r001c20 | 500r001c20.x |
| huawei / secospace_usg6300_firmware | 500r001c30 | 500r001c30.x |
| huawei / secospace_usg6300_firmware | 500r001c50 | 500r001c50.x |
| huawei / secospace_usg6500_firmware | 500r001c00 | 500r001c00.x |
| huawei / secospace_usg6500_firmware | 500r001c20 | 500r001c20.x |
| huawei / secospace_usg6500_firmware | 500r001c30 | 500r001c30.x |
| huawei / secospace_usg6500_firmware | 500r001c50 | 500r001c50.x |
| huawei / secospace_usg6600_firmware | 500r001c00 | 500r001c00.x |
| huawei / secospace_usg6600_firmware | 500r001c20 | 500r001c20.x |
| huawei / secospace_usg6600_firmware | 500r001c30 | 500r001c30.x |
| huawei / secospace_usg6600_firmware | 500r001c50 | 500r001c50.x |
| huawei / tp3206_firmware | 100r002c00 | 100r002c00.x |
| huawei / vp9660_firmware | 500r002c00 | 500r002c00.x |
| huawei / vp9660_firmware | 500r002c10 | 500r002c10.x |
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime