CVE-2017-17301
Description
Huawei AR120-S V200R005C32, V200R006C10, V200R007C00, V200R008C20, AR1200 V200R005C20, V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, AR1200-S V200R005C32, V200R006C10, V200R007C00, V200R008C20, AR150 V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, AR160 V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, AR200 V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R008C20, AR200-S V200R005C32, V200R006C10, V200R007C00, V200R008C20, AR2200 V200R005C20, V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, AR2200-S V200R005C32, V200R006C10, V200R007C00, V200R008C20, AR3200 V200R005C32, V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30, AR3600 V200R006C10, V200R007C00, V200R007C01, V200R008C20, AR510 V200R005C32, V200R006C10, V200R007C00, V200R008C20, CloudEngine 12800 V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00, V200R001C00, CloudEngine 5800 V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00, V200R001C00, CloudEngine 6800 V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00, V200R001C00, CloudEngine 7800 V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00, V200R001C00, DP300 V500R002C00, SMC2.0 V100R003C10, V100R005C00, V500R002C00, SRG1300 V200R005C32, V200R006C10, V200R007C00, V200R007C02, V200R008C20, SRG2300 V200R005C32, V200R006C10, V200R007C00, V200R007C02, V200R008C20, SRG3300 V200R005C32, V200R006C10, V200R007C00, V200R008C20, TE30 V100R001C10, TE60 V100R003C00, V500R002C00, VP9660 V200R001C02, V200R001C30, V500R002C00, ViewPoint 8660 V100R008C02, V100R008C03, eSpace IAD V300R002C01, eSpace U1981 V200R003C20, V200R003C30, eSpace USM V100R001C01, V300R001C00 have a weak cryptography vulnerability. Due to not properly some values in the certificates, an unauthenticated remote attacker could forges a specific RSA certificate and exploits the vulnerability to pass identity authentication and logs into the target device to obtain permissions configured for the specific user name.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Weak cryptography in Huawei products allows unauthenticated remote attackers to forge RSA certificates and bypass authentication.
Vulnerability
A weak cryptography vulnerability exists in multiple Huawei products, including AR120-S, AR1200, AR1200-S, AR150, AR160, AR200, AR200-S, AR2200, AR2200-S, AR3200, AR3600, AR510, CloudEngine 12800/5800/6800/7800, DP300, SMC2.0, SRG1300/2300/3300, TE30, TE60, VP9660, ViewPoint 8660, eSpace IAD, eSpace U1981, and eSpace USM, across various firmware versions as listed in the advisory [1]. The vulnerability is due to improper handling of certificate values, enabling an attacker to forge a specific RSA certificate.
Exploitation
An unauthenticated remote attacker can forge an RSA certificate and exploit the weak cryptography to pass identity authentication. The attacker then logs into the target device using the forged certificate, without requiring any prior credentials or user interaction beyond network connectivity.
Impact
Successful exploitation allows the attacker to gain the permissions configured for the specific user name associated with the forged certificate. This can lead to unauthorized access, privilege escalation, and potential full compromise of the affected device.
Mitigation
Huawei has released software updates to address this vulnerability. Affected users should upgrade to the resolved product versions specified in the advisory [1]; for example, AR120-S should be upgraded to V200R009C00. No workarounds are provided. Users are advised to apply the patches as soon as possible.
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
4- Range: V100R003C00 - V200R001C00
- Huawei Technologies Co., Ltd./AR120-S,AR1200,AR1200-S,AR150,AR160,AR200,AR200-S,AR2200,AR2200-S,AR3200,AR3600,AR510,CloudEngine 12800,CloudEngine 5800,CloudEngine 6800,CloudEngine 7800,DP300,SMC2.0,SRG1300,SRG2300,SRG3300,TE30,TE60,VP9660,ViewPoint 8660,eSpace IAD,eSpace U1981,eSpace USMv5Range: AR120-SV200R005C32, V200R006C10, V200R007C00, V200R008C20, AR1200V200R005C20, V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, AR1200-SV200R005C32, V200R006C10, V200R007C00, V200R008C20, AR150V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, AR160V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, AR200V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R008C20, AR200-SV200R005C32, V200R006C10, V200R007C00, V200R008C20, AR2200V200R005C20, V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, AR2200-SV200R005C32, V200R006C10, V200R007C00, V200R008C20, AR3200V200R005C32, V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30, AR3600V200R006C10, V200R007C00, V200R007C01, V200R008C20, AR510V200R005C32, V200R006C10, V200R007C00, V200R008C20, CloudEngine 12800V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00, V200R001C00, CloudEn ...[truncated*]
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- www.huawei.com/en/psirt/security-advisories/huawei-sa-20171222-01-cryptography-enmitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.