CVE-2017-15355
Description
Huawei DP300, V500R002C00, RP200, V600R006C00, TE30, V100R001C10, V500R002C00,V600R006C00, TE40, V500R002C00, V600R006C00, TE50, V500R002C00,V600R006C00, TE60, V100R001C10, V500R002C00, V600R006C00, TX50,V500R002C00, V600R006C00 have a buffer overflow vulnerability. An attacker may send specially crafted HTTP messages to the affected products. Due insufficient input validation of three different parameters in the messages, successful exploit may cause some service abnormal.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
A buffer overflow in Huawei video conferencing products allows remote attackers to cause service abnormal via crafted HTTP messages due to insufficient input validation of three parameters.
Vulnerability
A buffer overflow vulnerability exists in multiple Huawei video conferencing products, including DP300 (V500R002C00), RP200 (V600R006C00), TE30 (V100R001C10, V500R002C00, V600R006C00), TE40 (V500R002C00, V600R006C00), TE50 (V500R002C00, V600R006C00), TE60 (V100R001C10, V500R002C00, V600R006C00), and TX50 (V500R002C00, V600R006C00). An attacker can send specially crafted HTTP messages to the affected products. Due to insufficient input validation of three different parameters in the messages, a buffer overflow may occur, potentially leading to service abnormal [1].
Exploitation
An attacker needs to be able to send crafted HTTP messages to the target device. No authentication is mentioned as a requirement. The exploitation involves sending HTTP requests with specially crafted values in three vulnerable parameters. The exact parameters are not disclosed in the available references, but the attack vector is network-based, targeting the HTTP service [1].
Impact
Successful exploitation may cause some service abnormal, as stated in the advisory. The impact is primarily on availability (denial of service), as the buffer overflow can disrupt the normal operation of the device [1].
Mitigation
Huawei has released software updates to fix these vulnerabilities. Fixed versions include DP300 V500R002C00SPCb00 and RP200 TEX0[1] V600R006C00SPC500. Users should upgrade to the latest firmware versions as specified in the security advisory [1].
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
4- Huawei Technologies Co., Ltd./DP300,RP200,TE30,TE40,TE50,TE60,TX50v5Range: DP300 ,V500R002C00 ,RP200 ,V600R006C00 ,TE30 ,V100R001C10 ,V500R002C00 ,V600R006C00 ,TE40 ,V500R002C00 ,V600R006C00 ,TE50 ,V500R002C00 ,V600R006C00 ,TE60 ,V100R001C10 ,V500R002C00 ,V600R006C00 ,TX50 ,V500R002C00 ,V600R006C00
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- www.huawei.com/en/psirt/security-advisories/huawei-sa-20171108-02-http-enmitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.