CVE-2012-6570
Severity Score
10.0
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
The HTTP module in the (1) Branch Intelligent Management System (BIMS) and (2) web management components on Huawei AR routers and S2000, S3000, S3500, S3900, S5100, S5600, S7800, and S8500 switches does not check whether HTTP data is longer than the value of the Content-Length field, which allows remote HTTP servers to conduct heap-based buffer overflow attacks and execute arbitrary code via a crafted response.
El módulo HTTP en (1) Branch Intelligent Management System (BIMS) y (2) componentes de gestión web de switches de Huawei AR routers and S2000, S3000, S3500, S3900, S5100, S5600, S7800, y S8500 no comprueba si los datos HTTP son mayores que el valor del campo Content-Length, que permite a los servidores HTTP remotos realizar ataques de desbordamiento de búfer basado en montículo y ejecutar código arbitrario a través de una respuesta elaborada.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2013-06-20 CVE Reserved
- 2013-06-20 CVE Published
- 2024-09-16 CVE Updated
- 2024-09-17 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-u_194361.htm | 2013-06-21 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Huawei Search vendor "Huawei" | Ar 18-1x Search vendor "Huawei" for product "Ar 18-1x" | <= r0130 Search vendor "Huawei" for product "Ar 18-1x" and version " <= r0130" | - |
Affected
| ||||||
| Huawei Search vendor "Huawei" | Ar 18-2x Search vendor "Huawei" for product "Ar 18-2x" | <= r1712 Search vendor "Huawei" for product "Ar 18-2x" and version " <= r1712" | - |
Affected
| ||||||
| Huawei Search vendor "Huawei" | Ar 18-3x Search vendor "Huawei" for product "Ar 18-3x" | <= r0118 Search vendor "Huawei" for product "Ar 18-3x" and version " <= r0118" | - |
Affected
| ||||||
| Huawei Search vendor "Huawei" | Ar 19\/29\/49 Search vendor "Huawei" for product "Ar 19\/29\/49" | <= r2207 Search vendor "Huawei" for product "Ar 19\/29\/49" and version " <= r2207" | - |
Affected
| ||||||
| Huawei Search vendor "Huawei" | Ar 28\/46 Search vendor "Huawei" for product "Ar 28\/46" | <= r0311 Search vendor "Huawei" for product "Ar 28\/46" and version " <= r0311" | - |
Affected
| ||||||
| Huawei Search vendor "Huawei" | S2000 Search vendor "Huawei" for product "S2000" | r6305 Search vendor "Huawei" for product "S2000" and version "r6305" | - |
Affected
| ||||||
| Huawei Search vendor "Huawei" | S2300 Search vendor "Huawei" for product "S2300" | r6305 Search vendor "Huawei" for product "S2300" and version "r6305" | - |
Affected
| ||||||
| Huawei Search vendor "Huawei" | S2700 Search vendor "Huawei" for product "S2700" | r6305 Search vendor "Huawei" for product "S2700" and version "r6305" | - |
Affected
| ||||||
| Huawei Search vendor "Huawei" | S3000 Search vendor "Huawei" for product "S3000" | r6305 Search vendor "Huawei" for product "S3000" and version "r6305" | - |
Affected
| ||||||
| Huawei Search vendor "Huawei" | S3300 Search vendor "Huawei" for product "S3300" | r6305 Search vendor "Huawei" for product "S3300" and version "r6305" | - |
Affected
| ||||||
| Huawei Search vendor "Huawei" | S3300hi Search vendor "Huawei" for product "S3300hi" | r6305 Search vendor "Huawei" for product "S3300hi" and version "r6305" | - |
Affected
| ||||||
| Huawei Search vendor "Huawei" | S3500 Search vendor "Huawei" for product "S3500" | r6305 Search vendor "Huawei" for product "S3500" and version "r6305" | - |
Affected
| ||||||
| Huawei Search vendor "Huawei" | S3700 Search vendor "Huawei" for product "S3700" | r6305 Search vendor "Huawei" for product "S3700" and version "r6305" | - |
Affected
| ||||||
| Huawei Search vendor "Huawei" | S3900 Search vendor "Huawei" for product "S3900" | r6305 Search vendor "Huawei" for product "S3900" and version "r6305" | - |
Affected
| ||||||
| Huawei Search vendor "Huawei" | S5100 Search vendor "Huawei" for product "S5100" | r6305 Search vendor "Huawei" for product "S5100" and version "r6305" | - |
Affected
| ||||||
| Huawei Search vendor "Huawei" | S5600 Search vendor "Huawei" for product "S5600" | r6305 Search vendor "Huawei" for product "S5600" and version "r6305" | - |
Affected
| ||||||
| Huawei Search vendor "Huawei" | S7800 Search vendor "Huawei" for product "S7800" | r6305 Search vendor "Huawei" for product "S7800" and version "r6305" | - |
Affected
| ||||||
| Huawei Search vendor "Huawei" | S8500 Search vendor "Huawei" for product "S8500" | r1631 Search vendor "Huawei" for product "S8500" and version "r1631" | - |
Affected
| ||||||
| Huawei Search vendor "Huawei" | S8500 Search vendor "Huawei" for product "S8500" | r1632 Search vendor "Huawei" for product "S8500" and version "r1632" | - |
Affected
| ||||||