Huawei Data Communication: DoS Vulnerability in Multiple Huawei Devices (huawei-sa-20161228-01-rsvp) CVE-2016-8786
- CVSSv3 Score
- Vulnerability description
There is a denial of service (DoS) vulnerability in multiple Huawei devices.
- Risk description
There is a denial of service (DoS) vulnerability in multiple Huawei devices. Due to the lack of input validation, a remote attacker may craft a malformed Resource Reservation Protocol(RSVP) packet and send it to the device, causing a few buffer overflows and occasional device restart. (Vulnerability ID: HWPSIRT-2016-07017)Huawei has released software updates to fix this vulnerability. This advisory is available in the linked references. An attacker may exploit this vulnerability to cause the device to restart occasionally.
See the referenced vendor advisory for a solution.
- Not available