CVE-2016-6901

Format string vulnerability in Huawei AR100, AR120, AR150, AR200, AR500, AR550, AR1200, AR2200, AR2500, AR3200, and AR3600 routers with software before V200R007C00SPC900 and NetEngine 16EX routers with software before V200R007C00SPC900 allows remote authenticated users to cause a denial of service via format string specifiers in vectors involving partial commands.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:o:huawei:ar_firmware:v200r007c00:*:*:*:*:*:*:*
cpe:2.3:o:huawei:ar_firmware:v200r005:*:*:*:*:*:*:*
cpe:2.3:o:huawei:ar_firmware:v200r006:*:*:*:*:*:*:*
OR cpe:2.3:h:huawei:ar2500:-:*:*:*:*:*:*:*
cpe:2.3:h:huawei:ar3200:-:*:*:*:*:*:*:*
cpe:2.3:h:huawei:ar3600:-:*:*:*:*:*:*:*
cpe:2.3:h:huawei:ar100:-:*:*:*:*:*:*:*
cpe:2.3:h:huawei:ar200:-:*:*:*:*:*:*:*
cpe:2.3:h:huawei:ar550:-:*:*:*:*:*:*:*
cpe:2.3:h:huawei:ar2200:-:*:*:*:*:*:*:*
cpe:2.3:h:huawei:ar120:-:*:*:*:*:*:*:*
cpe:2.3:h:huawei:ar150:-:*:*:*:*:*:*:*
cpe:2.3:h:huawei:ar500:-:*:*:*:*:*:*:*
cpe:2.3:h:huawei:ar1200:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
OR cpe:2.3:o:huawei:netengine_16ex_firmware:v200r006:*:*:*:*:*:*:*
cpe:2.3:o:huawei:netengine_16ex_firmware:v200r005:*:*:*:*:*:*:*
cpe:2.3:o:huawei:netengine_16ex_firmware:v200r007c00:*:*:*:*:*:*:*
cpe:2.3:h:huawei:netengine_16ex:-:*:*:*:*:*:*:*

Information

Published : 2016-09-26 09:59

Updated : 2016-09-28 06:51


NVD link : CVE-2016-6901

Mitre link : CVE-2016-6901


JSON object : View

CWE
CWE-20

Improper Input Validation

Advertisement

dedicated server usa

Products Affected

huawei

  • ar2200
  • ar3200
  • ar120
  • ar500
  • ar200
  • ar_firmware
  • ar150
  • netengine_16ex_firmware
  • ar550
  • ar100
  • ar3600
  • netengine_16ex
  • ar1200
  • ar2500