Resource Exhaustion Vulnerability in Huawei Networking Products
CVE-2017-17166
What is CVE-2017-17166?
Huawei networking devices such as the DP300 and various models of the Secospace USG series exhibit a resource exhaustion vulnerability due to improper handling of certain fields in H.323 messages. Attackers can exploit this flaw by sending specially crafted H.323 messages, which could lead to service unavailability as the stack memory becomes exhausted. This vulnerability highlights the importance of secure handling of communication protocols in network devices to prevent potential service disruption and maintain operational integrity.
Affected Version(s)
DP300, Secospace USG6300,Secospace USG6500,Secospace USG6600,TP3206, VP9660 DP300 V500R002C00,Secospace USG6300 V500R001C00, V500R001C20, V500R001C30, V500R001C50,Secospace USG6500 V500R001C00, V500R001C20, V500R001C30, V500R001C50,Secospace USG6600 V500R001C00, V500R001C20, V500R001C30, V500R001C50,TP3206 V100R002C00,VP9660 V500R002C00, V500R002C10