9.8
CVE-2016-6178
- EPSS 1.32%
- Published 02.08.2016 16:59:04
- Last modified 12.04.2025 10:46:40
- Source cve@mitre.org
- Teams watchlist Login
- Open Login
Huawei NE40E and CX600 devices with software before V800R007SPH017; PTN 6900-2-M8 devices with software before V800R007SPH019; NE5000E devices with software before V800R006SPH018; and CloudEngine devices 12800 with software before V100R003SPH010 and V100R005 before V100R005SPH006 allow remote attackers with control plane access to cause a denial of service or execute arbitrary code via a crafted packet.
Data is provided by the National Vulnerability Database (NVD)
Huawei ≫ Ne5000e Firmware Versionv800r006c00
Huawei ≫ Cloudengine 12800 Firmware Versionv100r003c00
Huawei ≫ Cloudengine 12800 Firmware Versionv100r003c10
Huawei ≫ Cloudengine 12800 Firmware Versionv100r005c00
Huawei ≫ Cloudengine 12800 Firmware Versionv100r005c10
Huawei ≫ Ptn 6900-2-m8 Firmware Versionv800r007c00
Huawei ≫ Cx600 Firmware Versionv600r008c20
Huawei ≫ Cx600 Firmware Versionv800r006c00
Huawei ≫ Cx600 Firmware Versionv800r006c20
Huawei ≫ Cx600 Firmware Versionv800r007c00
Huawei ≫ Ne40e Firmware Versionv600r008c20
Huawei ≫ Ne40e Firmware Versionv800r006c00
Huawei ≫ Ne40e Firmware Versionv800r006c20
Huawei ≫ Ne40e Firmware Versionv800r006c30
Huawei ≫ Ne40e Firmware Versionv800r007c00
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.32% | 0.791 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 9.8 | 3.9 | 5.9 |
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.