CVE-2016-4576
Severity Score
9.8
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Buffer overflow in the Application Specific Packet Filtering (ASPF) functionality in the Huawei IPS Module, NGFW Module, NIP6300, NIP6600, Secospace USG6300, USG6500, USG6600, USG9500, and AntiDDoS8000 devices with software before V500R001C20SPC100 allows remote attackers to cause a denial of service or execute arbitrary code via a crafted packet, related to "illegitimate parameters."
Desbordamiento de buffer en la funcionalidad Application Specific Packet Filtering (ASPF) en dispositivos Huawei IPS Module, NGFW Module, NIP6300, NIP6600, Secospace USG6300, USG6500, USG6600, USG9500 y AntiDDoS8000 con software en versiones anteriores a V500R001C20SPC100 permite a atacantes remotos provocar una denegación de servicio o ejecutar código arbitrario a través de un paquete manipulado, relacionado con "illegitimate parameters".
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2016-05-11 CVE Reserved
- 2016-05-23 CVE Published
- 2023-03-07 EPSS Updated
- 2024-08-06 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CAPEC
References (2)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/90530 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160511-01-aspf-en | 2016-11-28 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Huawei Search vendor "Huawei" | Nip6300 Firmware Search vendor "Huawei" for product "Nip6300 Firmware" | v500r001c00 Search vendor "Huawei" for product "Nip6300 Firmware" and version "v500r001c00" | - |
Affected
| in | Huawei Search vendor "Huawei" | Nip6300 Search vendor "Huawei" for product "Nip6300" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Secospace Usg6500 Firmware Search vendor "Huawei" for product "Secospace Usg6500 Firmware" | v500r001c00 Search vendor "Huawei" for product "Secospace Usg6500 Firmware" and version "v500r001c00" | - |
Affected
| in | Huawei Search vendor "Huawei" | Secospace Usg6500 Search vendor "Huawei" for product "Secospace Usg6500" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Secospace Antiddos8000 Firmware Search vendor "Huawei" for product "Secospace Antiddos8000 Firmware" | v500r001c00 Search vendor "Huawei" for product "Secospace Antiddos8000 Firmware" and version "v500r001c00" | - |
Affected
| in | Huawei Search vendor "Huawei" | Secospace Antiddos8000 Search vendor "Huawei" for product "Secospace Antiddos8000" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Usg9500 Firmware Search vendor "Huawei" for product "Usg9500 Firmware" | v500r001c00 Search vendor "Huawei" for product "Usg9500 Firmware" and version "v500r001c00" | - |
Affected
| in | Huawei Search vendor "Huawei" | Usg9500 Search vendor "Huawei" for product "Usg9500" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Secospace Usg6300 Firmware Search vendor "Huawei" for product "Secospace Usg6300 Firmware" | v500r001c00 Search vendor "Huawei" for product "Secospace Usg6300 Firmware" and version "v500r001c00" | - |
Affected
| in | Huawei Search vendor "Huawei" | Secospace Usg6300 Search vendor "Huawei" for product "Secospace Usg6300" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Ngfw Module Firmware Search vendor "Huawei" for product "Ngfw Module Firmware" | v500r001c00 Search vendor "Huawei" for product "Ngfw Module Firmware" and version "v500r001c00" | - |
Affected
| in | Huawei Search vendor "Huawei" | Ngfw Module Search vendor "Huawei" for product "Ngfw Module" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Secospace Usg6600 Firmware Search vendor "Huawei" for product "Secospace Usg6600 Firmware" | v500r001c00 Search vendor "Huawei" for product "Secospace Usg6600 Firmware" and version "v500r001c00" | - |
Affected
| in | Huawei Search vendor "Huawei" | Secospace Usg6600 Search vendor "Huawei" for product "Secospace Usg6600" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Nip6600 Firmware Search vendor "Huawei" for product "Nip6600 Firmware" | v500r001c00 Search vendor "Huawei" for product "Nip6600 Firmware" and version "v500r001c00" | - |
Affected
| in | Huawei Search vendor "Huawei" | Nip6600 Search vendor "Huawei" for product "Nip6600" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Ips Module Firmware Search vendor "Huawei" for product "Ips Module Firmware" | v500r001c00 Search vendor "Huawei" for product "Ips Module Firmware" and version "v500r001c00" | - |
Affected
| in | Huawei Search vendor "Huawei" | Ips Module Search vendor "Huawei" for product "Ips Module" | - | - |
Safe
|