CVE-2016-8785
Description
Huawei S12700 V200R007C00, V200R008C00, S5700 V200R007C00, S7700 V200R002C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00, S9700 V200R007C00 have an input validation vulnerability. Due to the lack of input validation, an attacker may craft a malformed packet and send it to the device using VRP, causing the device to display additional memory data and possibly leading to sensitive information leakage.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
An input validation vulnerability in Huawei VRP-based switches (S12700, S5700, S7700, S9700) allows an attacker to send a malformed packet, causing memory data display and potential sensitive information leakage.
Vulnerability
An input validation vulnerability exists in Huawei VRP platform used in S12700, S5700, S7700, and S9700 switches. Affected versions include S12700 V200R007C00 and V200R008C00; S5700 V200R007C00; S7700 V200R002C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00; and S9700 V200R007C00 [1]. The lack of proper input validation allows a malformed packet to be processed, leading to unintended memory exposure.
Exploitation
An attacker with network access to the device can craft a malformed packet and send it to the device using the VRP protocol [1]. No authentication or special privileges are required; the attacker only needs to be able to deliver the malicious packet to the vulnerable device.
Impact
Successful exploitation causes the device to display additional memory data, potentially including sensitive information such as configuration details, credentials, or other confidential data [1]. This results in information disclosure, compromising confidentiality.
Mitigation
Huawei has released software updates to address this vulnerability. For example, S12700 should be upgraded to V200R009C00SPC500. Affected users should upgrade to the fixed versions as specified in the vendor advisory [1]. No workaround is mentioned.
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
5- Huawei Technologies Co., Ltd./S12700, S5700, S7700, S9700v5Range: S12700 V200R007C00, V200R008C00, S5700 V200R007C00, S7700 V200R002C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00, S9700 V200R007C00
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2- www.huawei.com/en/psirt/security-advisories/huawei-sa-20161228-04-vrp-enmitrex_refsource_CONFIRM
- www.securityfocus.com/bid/95149mitrevdb-entryx_refsource_BID
News mentions
0No linked articles in our index yet.