Huawei Cloudengine 12800 Firmware V100r003c00 Denial Of Service Execute Code Vulnerability
21 Nov. 2016
Huawei NE40E and CX600 devices with software before V800R007SPH017; PTN 6900-2-M8 devices with software before V800R007SPH019; NE5000E devices with software before V800R006SPH018; and CloudEngine devices 12800 with software before V100R003SPH010 and V100R005 before V100R005SPH006 allow remote attackers with control plane access to cause a denial of service or execute arbitrary code via a crafted packet.
There is an input validation vulnerability in Huawei multiple products, an attacker with control plane access may exploit this vulnerability by crafting a malformed packet. An exploit could allow the attacker to cause a Denial of Service or execute arbitrary code. This vulnerability has been assigned Common Vulnerabilities and Exposures.