CVE-2017-17184
Description
Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have an integer overflow vulnerability. Due to insufficient input validation, an authenticated, remote attacker could send malformed SOAP packets to the target device. Successful exploit could cause an integer overflow and might reset a process.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
An authenticated, remote attacker can trigger an integer overflow by sending malformed SOAP packets to certain Huawei video conferencing products, causing a process reset.
Vulnerability
CVE-2017-17184 is an integer overflow vulnerability in multiple Huawei products: DP300 V500R002C00, RP200 V500R002C00 and V600R006C00, TE30 V100R001C10, V500R002C00 and V600R006C00, TE40 V500R002C00 and V600R006C00, TE50 V500R002C00 and V600R006C00, and TE60 V100R001C10, V500R002C00 and V600R006C00 [1]. The flaw exists in the SOAP packet handling component. Due to insufficient input validation, an authenticated, remote attacker can send malformed SOAP packets to the target device, leading to an integer overflow [1].
Exploitation
An attacker must first authenticate to the targeted device over the network [1]. The attacker then sends specially crafted SOAP packets to the device. The malformed packets trigger an integer overflow condition during processing, which can cause a process to reset [1].
Impact
Successful exploitation of this integer overflow vulnerability results in a denial of service (DoS) condition by resetting a process on the affected device [1]. The advisory does not indicate that arbitrary code execution or privilege escalation is possible.
Mitigation
Huawei has released software updates to fix this vulnerability. Affected users should upgrade their devices to the latest firmware version as provided by Huawei [1]. Specific fix versions are not detailed in the available reference; customers are advised to contact Huawei support for upgrade guidance [1].
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
7- Huawei Technologies Co., Ltd./DP300,RP200,TE30,TE40,TE50,TE60v5Range: DP300 V500R002C00, RP200 V500R002C00,V600R006C00, TE30 V100R001C10,V500R002C00,V600R006C00, TE40 V500R002C00,V600R006C00, TE50 V500R002C00,V600R006C00, TE60 V100R001C10,V500R002C00,V600R006C00
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- www.huawei.com/en/psirt/security-advisories/huawei-sa-20180207-01-soap-enmitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.