CVE-2017-15354
Description
Huawei DP300, V500R002C00, RP200, V600R006C00, TE30, V100R001C10, V500R002C00,V600R006C00, TE40, V500R002C00, V600R006C00, TE50, V500R002C00,V600R006C00, TE60, V100R001C10, V500R002C00, V600R006C00, TX50,V500R002C00, V600R006C00 have a buffer overflow vulnerability. An attacker may send specially crafted HTTP messages to the affected products. Due insufficient input validation of three different parameters in the messages, successful exploit may cause some service abnormal.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Buffer overflow in Huawei DP300, RP200, TE30/40/50/60, TX50 via crafted HTTP messages leads to denial of service.
Vulnerability
A buffer overflow vulnerability exists in multiple Huawei products including DP300 (V500R002C00), RP200 (V600R006C00), TE30 (V100R001C10, V500R002C00, V600R006C00), TE40 (V500R002C00, V600R006C00), TE50 (V500R002C00, V600R006C00), TE60 (V100R001C10, V500R002C00, V600R006C00), and TX50 (V500R002C00, V600R006C00). The flaw is due to insufficient input validation of three different parameters in HTTP messages, leading to a buffer overflow [1].
Exploitation
An attacker can exploit this vulnerability by sending specially crafted HTTP messages to the affected products. No authentication or special network position is required; the attacker only needs network access to the target device. The crafted messages trigger the buffer overflow when the device processes the malformed parameters [1].
Impact
Successful exploitation causes some services to become abnormal, resulting in a denial of service (DoS) condition. The vulnerability does not appear to allow code execution or information disclosure based on the advisory [1].
Mitigation
Huawei has released software updates to fix these vulnerabilities. The resolved versions are: DP300 V500R002C00SPCb00, RP200 TEX0[1] V600R006C00SPC500, TE30 TEX0[1] V600R006C00SPC500 (and similar for other models). Users should upgrade to the latest firmware as specified in the advisory [1].
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
4- Huawei Technologies Co., Ltd./DP300,RP200,TE30,TE40,TE50,TE60,TX50v5Range: DP300 ,V500R002C00 ,RP200 ,V600R006C00 ,TE30 ,V100R001C10 ,V500R002C00 ,V600R006C00 ,TE40 ,V500R002C00 ,V600R006C00 ,TE50 ,V500R002C00 ,V600R006C00 ,TE60 ,V100R001C10 ,V500R002C00 ,V600R006C00 ,TX50 ,V500R002C00 ,V600R006C00
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- www.huawei.com/en/psirt/security-advisories/huawei-sa-20171108-02-http-enmitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.