Описание
MAX PRESENCE V100R001C00, TP3106 V100R002C00, TP3206 V100R002C00 have an out-of-bounds read vulnerability in H323 protocol. An attacker logs in to the system as a user and send crafted packets to the affected products. Due to insufficient verification of the packets, successful exploit will cause process reboot.
Ссылки
- Vendor Advisory
- Third Party AdvisoryVDB Entry
- Vendor Advisory
- Third Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:huawei:max_presence_firmware:v100r001c00:*:*:*:*:*:*:*
cpe:2.3:h:huawei:max_presence:-:*:*:*:*:*:*:*
Конфигурация 2
Одновременно
cpe:2.3:o:huawei:tp3106_firmware:v100r002c00:*:*:*:*:*:*:*
cpe:2.3:h:huawei:tp3106:-:*:*:*:*:*:*:*
Конфигурация 3
Одновременно
cpe:2.3:o:huawei:tp3206_firmware:v100r002c00:*:*:*:*:*:*:*
cpe:2.3:h:huawei:tp3206:-:*:*:*:*:*:*:*
EPSS
Процентиль: 46%
0.00233
Низкий
6.5 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-125
Связанные уязвимости
CVSS3: 6.5
github
больше 3 лет назад
MAX PRESENCE V100R001C00, TP3106 V100R002C00, TP3206 V100R002C00 have an out-of-bounds read vulnerability in H323 protocol. An attacker logs in to the system as a user and send crafted packets to the affected products. Due to insufficient verification of the packets, successful exploit will cause process reboot.
EPSS
Процентиль: 46%
0.00233
Низкий
6.5 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-125