VYPR
← All advisories
Unrated severityNVD Advisory· Published Feb 15, 2018· Updated Aug 5, 2024

CVE-2017-17185

CVE-2017-17185

Description

Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have a out-of-bounds read vulnerability. Due to insufficient input validation, an authenticated, remote attacker could send malformed SOAP packets to the target device. Successful exploit could make the device access invalid memory and might reset a process.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

An authenticated remote attacker can cause a denial of service via out-of-bounds read by sending malformed SOAP packets to affected Huawei products.

Vulnerability

An out-of-bounds read vulnerability exists in several Huawei products due to insufficient input validation of SOAP packets. Affected models and versions include: DP300 V500R002C00, RP200 V500R002C00 and V600R006C00, TE30 V100R001C10, V500R002C00, and V600R006C00, TE40 V500R002C00 and V600R006C00, TE50 V500R002C00 and V600R006C00, TE60 V100R001C10, V500R002C00, and V600R006C00 [1].

Exploitation

An attacker must first authenticate to the target device. Once authenticated, the attacker can send specially crafted malformed SOAP packets over the network to trigger the out-of-bounds read [1].

Impact

Successful exploitation causes the device to access invalid memory, which may reset a process, leading to a denial of service (DoS). No data disclosure or code execution is indicated for this specific vulnerability [1].

Mitigation

Huawei has released software updates to fix this vulnerability. Affected users should consult the official security advisory [1] for the specific fixed versions and apply the updates as soon as possible.

References
  1. Security Advisory - Six Vulnerabilities in Some Huawei Products

AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

4
  • Huawei/Te30llm-fuzzy
    Range: V100R001C10, V500R002C00, V600R006C00
  • Huawei/DP300llm-fuzzy
    Range: V500R002C00
  • Huawei/RP200llm-fuzzy
    Range: V500R002C00, V600R006C00
  • Huawei Technologies Co., Ltd./DP300,RP200,TE30,TE40,TE50,TE60v5
    Range: DP300 V500R002C00, RP200 V500R002C00,V600R006C00, TE30 V100R001C10,V500R002C00,V600R006C00, TE40 V500R002C00,V600R006C00, TE50 V500R002C00,V600R006C00, TE60 V100R001C10,V500R002C00,V600R006C00

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

1

News mentions

0

No linked articles in our index yet.