CVE-2017-17187
Description
Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have an integer overflow vulnerability. Due to insufficient input validation, an authenticated, remote attacker could send malformed SOAP packets to the target device. Successful exploit could cause an integer overflow and might reset a process.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
An integer overflow in Huawei video conferencing products allows an authenticated remote attacker to send malformed SOAP packets, potentially causing a process reset.
Vulnerability
An integer overflow vulnerability exists in Huawei products DP300, RP200, TE30, TE40, TE50, and TE60 across multiple firmware versions as specified in V500R002C00, V100R001C10, V600R006C00, V500R002C00 and V600R006C00 [1]. Due to insufficient input validation, an authenticated remote attacker can send specially crafted SOAP packets to the target device, triggering an integer overflow that may reset a process [1].
Exploitation
An attacker must first gain authenticated access to the target device over the network. Once authenticated, the attacker sends malformed SOAP packets designed to exploit the integer overflow condition [1]. The attack requires no additional privileges beyond the initial authentication and no user interaction on the target device.
Impact
Successful exploitation of the integer overflow can cause a process to reset. This constitutes a denial-of-service condition, as the affected process may terminate and need to be restarted [1]. The vulnerability does not appear to allow arbitrary code execution or privilege escalation based on the available information.
Mitigation
Huawei has released software updates addressing this vulnerability as of February 7, 2018 [1]. Users should upgrade their affected products to the latest firmware versions provided in the vendor security advisory. No workarounds are documented; the recommended action is to apply the official patches.
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
4- Huawei Technologies Co., Ltd./DP300,RP200,TE30,TE40,TE50,TE60v5Range: DP300 V500R002C00, RP200 V500R002C00,V600R006C00, TE30 V100R001C10,V500R002C00,V600R006C00, TE40 V500R002C00,V600R006C00, TE50 V500R002C00,V600R006C00, TE60 V100R001C10,V500R002C00,V600R006C00
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- www.huawei.com/en/psirt/security-advisories/huawei-sa-20180207-01-soap-enmitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.