CVE-2016-8796

Published: Apr 2, 2017Modified: May 13, 2026

7.5

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

Huawei USG9520 V300R001C01, USG9560 V300R001C01, and USG9580 V300R001C01 allow unauthenticated attackers to send abnormal DHCP request packets to the affected products to trigger a DoS condition.

Affected (3)

Products: Huawei: Usg9520 Firmware, Usg9580 Firmware, Usg9560 Firmware

3 products

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Huawei Usg9520 Firmware	Version v300r001c01

Running on/with	Platform Versions
Huawei Usg9520	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Huawei Usg9580 Firmware	Version v300r001c01

Running on/with	Platform Versions
Huawei Usg9580	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Huawei Usg9560 Firmware	Version v300r001c01

Running on/with	Platform Versions
Huawei Usg9560	All versions

Related CWEs

CWE-20

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (4)

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161116-01-firewall-en

Source: psirt@huawei.com

Vendor Advisory

http://www.securityfocus.com/bid/94405

Source: psirt@huawei.com

Third Party AdvisoryVDB Entry

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161116-01-firewall-en

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.securityfocus.com/bid/94405

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

Timeline

No history available yet.