CVE-2017-17300
Description
Huawei S12700 V200R008C00, V200R009C00, S5700 V200R007C00, V200R008C00, V200R009C00, S6700 V200R008C00, V200R009C00, S7700 V200R008C00, V200R009C00, S9700 V200R008C00, V200R009C00 have a numeric errors vulnerability. An unauthenticated, remote attacker may send specific TCP messages with keychain authentication option to the affected products. Due to the improper validation of the messages, it will cause numeric errors when handling the messages. Successful exploit will cause the affected products to reset.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Numeric errors in Huawei S12700, S5700, S6700, S7700, S9700 allow unauthenticated remote attackers to cause device reset via crafted TCP messages with keychain authentication.
Vulnerability
A numeric errors vulnerability exists in Huawei S12700, S5700, S6700, S7700, and S9700 series switches. The affected versions are: S12700 V200R008C00 and V200R009C00; S5700 V200R007C00, V200R008C00, and V200R009C00; S6700 V200R008C00 and V200R009C00; S7700 V200R008C00 and V200R009C00; S9700 V200R008C00 and V200R009C00 [1]. The bug is triggered when the device processes specific TCP messages that include the keychain authentication option. Due to improper validation of these messages, numeric errors occur during handling [1].
Exploitation
An unauthenticated, remote attacker can exploit this vulnerability by sending specially crafted TCP messages with the keychain authentication option to an affected device [1]. No prior authentication or network access beyond reachability is required. The attacker simply transmits the malicious packets to the target, which then processes them incorrectly, leading to the numeric errors [1].
Impact
Successful exploitation causes the affected product to reset, resulting in a denial of service (DoS) condition [1]. No other impact on confidentiality, integrity, or availability is described in the available references.
Mitigation
Huawei has released software updates to fix this vulnerability. The resolved versions are: S12700 V200R008C00 upgrade to V200R008SPH006, V200R009C00 upgrade to V200R009C00SPC500; S5700 V200R007C00 upgrade to V200R007SPH010, V200R008C00 upgrade to V200R008SPH006, V200R009C00 upgrade to V200R009C00SPC500; S6700 V200R008C00 upgrade to V200R008SPH006, V200R009C00 upgrade to V200R009C00SPC500; S7700 V200R008C00 upgrade to V200R008SPH006, V200R009C00 upgrade to V200R009C00SPC500; S9700 V200R008C00 upgrade to V200R008SPH006, V200R009C00 upgrade to V200R009C00SPC500 [1]. The advisory was published on 2017-12-15. No workarounds are documented.
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
4- Huawei Technologies Co., Ltd./S12700,S5700,S6700,S7700,S9700v5Range: S12700 V200R008C00, V200R009C00, S5700 V200R007C00, V200R008C00, V200R009C00, S6700 V200R008C00, V200R009C00, S7700 V200R008C00, V200R009C00, S9700 V200R008C00, V200R009C00
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- www.huawei.com/en/psirt/security-advisories/huawei-sa-20171215-01-router-enmitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.