CVE-2017-17131

CVE Database · CVE-2017-17131

CVE-2017-17131

· N/AModified

CVSS v3.1

N/A

EPSS

0.84%

Published

Mar 5, 2018

Modified

Nov 21, 2024

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V600R006C00; TE50 V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00; VP9660 V500R002C10 have an DoS vulnerability due to insufficient validation of the parameter when a putty comment key is loaded. An authenticated remote attacker can place a malformed putty key file in system when a system manager load the key an infinite loop happens which lead to reboot the system.

Weaknesses (CWE)

CWE-835

Affected Products (16)

huawei · dp300_firmwarevulnerable

huawei · dp300

huawei · rp200_firmwarevulnerable

huawei · rp200

huawei · te30_firmwarevulnerable

huawei · te30

huawei · te50_firmwarevulnerable

huawei · te50

huawei · te60_firmwarevulnerable

References (2)

http://www.huawei.com/en/psirt/security-advisories/2017/huawei-sa-20171206-01-vpp-en

Vendor Advisory

http://www.huawei.com/en/psirt/security-advisories/2017/huawei-sa-20171206-01-vpp-en

Vendor Advisory

KEV Catalog EPSS Scores Vendors All CVEs