Denial of Service Vulnerability in Huawei SmartAX MT882 Devices
CVE-2016-2314

4.9MEDIUM

Key Information:

Vendor: Huawei
Status: Mt882 Firmware
Vendor: CVE Published:; 15 February 2016

Summary

A vulnerability exists in Huawei SmartAX MT882 devices, specifically in the GlobespanVirata ftpd 1.0 implementation. This allows remote authenticated users to exploit the FTP MKD command by creating a directory with an excessively long name, which can lead to device outages. By leveraging this vulnerability, attackers can disrupt the normal functioning of the device, significantly impacting network availability.

References

https://debihiga.wordpress.com/sa-ftp/

x_refsource_MISC

CVSS V3.1

Score:

4.9

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 15, 2016
Vulnerability Reserved
Feb 11, 2016