CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2016-6669

Buffer overflow in the Authentication, Authorization and Accounting (AAA) module in Huawei USG2100, USG2200, USG5100, and USG5500 unified security gateways with software before V300R001C10SPC600 allows remote authenticated RADIUS servers to execute arbitrary code by sending a crafted EAP packet.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.029

EPSS Ranking 85.5%

CVSS Severity

CVSS v3 Score 7.5

CVSS v2 Score 7.1

References

Products affected by CVE-2016-6669

Huawei » Usg2100 » Version: N/A

cpe:2.3:h:huawei:usg2100:-
Huawei » Usg2200 » Version: N/A

cpe:2.3:h:huawei:usg2200:-
Huawei » Usg5100 » Version: N/A

cpe:2.3:h:huawei:usg5100:-
Huawei » Usg5500 » Version: N/A

cpe:2.3:h:huawei:usg5500:-
Huawei » Usg2100 Firmware » Version: v300r001c00

cpe:2.3:o:huawei:usg2100_firmware:v300r001c00
Huawei » Usg2100 Firmware » Version: v300r001c00spc900

cpe:2.3:o:huawei:usg2100_firmware:v300r001c00spc900
Huawei » Usg2100 Firmware » Version: v300r001c10

cpe:2.3:o:huawei:usg2100_firmware:v300r001c10
Huawei » Usg2200 Firmware » Version: v300r001c00

cpe:2.3:o:huawei:usg2200_firmware:v300r001c00
Huawei » Usg2200 Firmware » Version: v300r001c00spc900

cpe:2.3:o:huawei:usg2200_firmware:v300r001c00spc900
Huawei » Usg2200 Firmware » Version: v300r001c10

cpe:2.3:o:huawei:usg2200_firmware:v300r001c10
Huawei » Usg5100 Firmware » Version: v300r001c00

cpe:2.3:o:huawei:usg5100_firmware:v300r001c00
Huawei » Usg5100 Firmware » Version: v300r001c00spc900

cpe:2.3:o:huawei:usg5100_firmware:v300r001c00spc900
Huawei » Usg5100 Firmware » Version: v300r001c10

cpe:2.3:o:huawei:usg5100_firmware:v300r001c10
Huawei » Usg5500 Firmware » Version: v300r001c00

cpe:2.3:o:huawei:usg5500_firmware:v300r001c00
Huawei » Usg5500 Firmware » Version: v300r001c00spc900

cpe:2.3:o:huawei:usg5500_firmware:v300r001c00spc900
Huawei » Usg5500 Firmware » Version: v300r001c10

cpe:2.3:o:huawei:usg5500_firmware:v300r001c10

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2016-6669

Products

Pricing

Contact Us