B612S25Dtcpuv100R001B192D05Sp00C00

CVSS 4.3 - MEDIUM

Attack vector

ADJACENT_NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

LOW

low complexity

huawei

CWE-787

NVD

Published: 2024-12-27

Updated: 2025-01-13

Summary

There is a buffer error vulnerability in some Huawei product. An unauthenticated attacker may send special UPNP message to the affected products. Due to insufficient input validation of some value, successful exploit may cause some service abnormal. (Vulnerability ID: HWPSIRT-2017-08234) This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2020-9086.

Vulnerable Configurations

Part	Description	Count
OS	Huawei Huawei B612 Firmware B612S-25Dtcpu-V100R001B192D03Sp00C234 Huawei B612 Firmware B612S-25Dtcpu-V100R001B192D03Sp00C287 Huawei B612 Firmware B612S-25Dtcpu-V100R001B192D05Sp00C00	3
Hardware	Huawei Huawei B612 -	1

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

References

https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200826-01-buffer_en