CVE-2017-17144
Description
Backup feature of SIP module in Huawei DP300 V500R002C00; V500R002C00SPC100; V500R002C00SPC200; V500R002C00SPC300; V500R002C00SPC400; V500R002C00SPC500; V500R002C00SPC600; V500R002C00SPC800; V500R002C00SPC900; V500R002C00SPCa00; RP200 V500R002C00SPC200; V600R006C00; V600R006C00SPC200; RSE6500 V500R002C00SPC100; V500R002C00SPC200; V500R002C00SPC300; V500R002C00SPC300T; V500R002C00SPC500; V500R002C00SPC600; V500R002C00SPC700; V500R002C00T; TE30 V100R001C10; V100R001C10SPC100; V100R001C10SPC200B010; V100R001C10SPC300; V100R001C10SPC500; V100R001C10SPC600; V100R001C10SPC700B010; V100R001C10SPC800; V500R002C00SPC200; V500R002C00SPC500; V500R002C00SPC600; V500R002C00SPC700; V500R002C00SPC900; V500R002C00SPCb00; V600R006C00; TE40 V500R002C00SPC600; V500R002C00SPC700; V500R002C00SPC900; V500R002C00SPCb00; V600R006C00; V600R006C00SPC200; TE50 V500R002C00SPC600; V500R002C00SPC700; V500R002C00SPCb00; V600R006C00; V600R006C00SPC200; TE60 V100R001C01SPC100; V100R001C01SPC107TB010; V100R001C10; V100R001C10SPC300; V100R001C10SPC400; V100R001C10SPC500; V100R001C10SPC600; V100R001C10SPC700; V100R001C10SPC800; V100R001C10SPC900; V500R002C00; V500R002C00SPC100; V500R002C00SPC200; V500R002C00SPC300; V500R002C00SPC600; V500R002C00SPC700; V500R002C00SPC800; V500R002C00SPC900; V500R002C00SPCa00; V500R002C00SPCb00; V500R002C00SPCd00; V600R006C00; V600R006C00SPC100; V600R006C00SPC200; V600R006C00SPC300; TP3106 V100R002C00; V100R002C00SPC200; V100R002C00SPC400; V100R002C00SPC600; V100R002C00SPC700; V100R002C00SPC800; TP3206 V100R002C00; V100R002C00SPC200; V100R002C00SPC400; V100R002C00SPC600; V100R002C00SPC700; V100R002C10; ViewPoint 9030 V100R011C02SPC100; V100R011C03B012SP15; V100R011C03B012SP16; V100R011C03B015SP03; V100R011C03LGWL01SPC100; V100R011C03SPC100; V100R011C03SPC200; V100R011C03SPC300; V100R011C03SPC400; V100R011C03SPC500; eSpace U1960 V200R003C30SPC200; eSpace U1981 V100R001C20SPC700; V200R003C20SPCa00 has an overflow vulnerability when the module process a specific amount of state. The module cannot handle it causing SIP module DoS.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
An overflow vulnerability in the Backup feature of the SIP module in multiple Huawei products allows a remote attacker to cause a denial of service by sending a crafted SIP message.
Vulnerability
An overflow vulnerability exists in the Backup feature of the SIP module in multiple Huawei products, including DP300, RP200, RSE6500, TE30, TE40, TE50, TE60, TP3106, TP3206, ViewPoint 9030, eSpace U1960, and eSpace U1981. The issue occurs when the module processes a specific amount of state, leading to a denial of service. Affected versions span across various firmware releases, such as V500R002C00, V100R001C10, V600R006C00, and others as listed in the advisory [1].
Exploitation
An attacker can exploit this vulnerability by sending a specially crafted SIP message to a vulnerable device. No authentication is required, as the SIP service is typically exposed on the network. The attack does not require user interaction, but the attacker must be able to reach the target's SIP module over the network [1].
Impact
Successful exploitation causes the SIP module to crash, resulting in a denial of service (DoS). The device may become unresponsive for SIP communications until the module recovers or is restarted. No data confidentiality or integrity is compromised directly, but the loss of SIP service can disrupt communications [1].
Mitigation
Huawei has released fixes for the affected products. Resolved versions include V500R002C00SPCb00 for DP300, V600R006C00SPC200 for TE40, and similar updates for other models as detailed in the advisory [1]. Users should upgrade to the fixed versions. No workaround is provided; updating is the recommended action.
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
4- Huawei Technologies Co., Ltd./DP300; RP200; RSE6500; TE30; TE40; TE50; TE60; TP3106; TP3206; ViewPoint 9030; eSpace U1960; eSpace U1981v5Range: DP300 V500R002C00
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- www.huawei.com/en/psirt/security-advisories/huawei-sa-20171206-01-sip-enmitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.