CVE-2016-6206

Huawei AR3200 routers with software before V200R007C00SPC600 allow remote attackers to cause a denial of service or execute arbitrary code via a crafted packet.

CVSS v3 9.8 CRITICAL
CVSS v2.0 10.0 HIGH

9.8^/10

CVSS v3 : CRITICAL

V3 Legend

Vector : AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

10.0^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 10.0 / Impact : 10.0

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160713-01-router-en	Vendor Advisory
http://www.securityfocus.com/bid/91774	Third Party Advisory VDB Entry
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160713-01-router-en	Vendor Advisory
http://www.securityfocus.com/bid/91774	Third Party Advisory VDB Entry

Configurations

Configuration 1 (hide)

AND

OR	cpe:2.3:o:huawei:ar3200_firmware:v200r001c00:::::::*
	cpe:2.3:o:huawei:ar3200_firmware:v200r001c01:::::::*
	cpe:2.3:o:huawei:ar3200_firmware:v200r002c00:::::::*
	cpe:2.3:o:huawei:ar3200_firmware:v200r002c01:::::::*
	cpe:2.3:o:huawei:ar3200_firmware:v200r002c02:::::::*
	cpe:2.3:o:huawei:ar3200_firmware:v200r002c05:::::::*
	cpe:2.3:o:huawei:ar3200_firmware:v200r003c00:::::::*
	cpe:2.3:o:huawei:ar3200_firmware:v200r003c01:::::::*
	cpe:2.3:o:huawei:ar3200_firmware:v200r003c05:::::::*
	cpe:2.3:o:huawei:ar3200_firmware:v200r005c00:::::::*
	cpe:2.3:o:huawei:ar3200_firmware:v200r005c10:::::::*
	cpe:2.3:o:huawei:ar3200_firmware:v200r005c20:::::::*
	cpe:2.3:o:huawei:ar3200_firmware:v200r005c21:::::::*
	cpe:2.3:o:huawei:ar3200_firmware:v200r005c30:::::::*
	cpe:2.3:o:huawei:ar3200_firmware:v200r005c31:::::::*
	cpe:2.3:o:huawei:ar3200_firmware:v200r005c32:::::::*
	cpe:2.3:o:huawei:ar3200_firmware:v200r006c00:::::::*
	cpe:2.3:o:huawei:ar3200_firmware:v200r006c10:::::::*
	cpe:2.3:o:huawei:ar3200_firmware:v200r006c11:::::::*
	cpe:2.3:o:huawei:ar3200_firmware:v200r006c12:::::::*
	cpe:2.3:o:huawei:ar3200_firmware:v200r006c13:::::::*
	cpe:2.3:o:huawei:ar3200_firmware:v200r006c15:::::::*
	cpe:2.3:o:huawei:ar3200_firmware:v200r006c16:::::::*
	cpe:2.3:o:huawei:ar3200_firmware:v200r006c17:::::::*

cpe:2.3:h:huawei:ar3200:-:*:*:*:*:*:*:*

History

21 Nov 2024, 02:55

Type	Values Removed	Values Added
References	~~() http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160713-01-router-en - Vendor Advisory~~	() http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160713-01-router-en - Vendor Advisory
References	~~() http://www.securityfocus.com/bid/91774 - Third Party Advisory, VDB Entry~~	() http://www.securityfocus.com/bid/91774 - Third Party Advisory, VDB Entry

Information

Published : 2017-03-24 15:59

Updated : 2025-04-20 01:37

NVD link : CVE-2016-6206

Mitre link : CVE-2016-6206

CVE.ORG link : CVE-2016-6206

JSON object : View

Products Affected

huawei

ar3200_firmware
ar3200

CWE

CWE-20

Improper Input Validation

{"id": "CVE-2016-6206", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 10.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2017-03-24T15:59:00.683", "references": [{"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160713-01-router-en", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/91774", "tags": ["Third Party Advisory", "VDB Entry"], "source": "cve@mitre.org"}, {"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160713-01-router-en", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/91774", "tags": ["Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-20"}]}], "descriptions": [{"lang": "en", "value": "Huawei AR3200 routers with software before V200R007C00SPC600 allow remote attackers to cause a denial of service or execute arbitrary code via a crafted packet."}, {"lang": "es", "value": "Los routers Huawei AR3200 con software en versiones anteriores a V200R007C00SPC600 permiten a atacantes remotos provocar una denegaci\u00f3n de servicio o ejecutar c\u00f3digo arbitrario a trav\u00e9s de un paquete manipulado."}], "lastModified": "2025-04-20T01:37:25.860", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:ar3200_firmware:v200r001c00:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CA604489-7F7F-42A8-8E1B-98F044A3C028"}, {"criteria": "cpe:2.3:o:huawei:ar3200_firmware:v200r001c01:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2533937A-BD5B-4685-9329-3D901399E5DA"}, {"criteria": "cpe:2.3:o:huawei:ar3200_firmware:v200r002c00:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "78B2243E-0A6E-4D61-ADDF-293C0EAD486A"}, {"criteria": "cpe:2.3:o:huawei:ar3200_firmware:v200r002c01:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "760DB6A2-3CF5-473A-AC37-8D19D51CAB65"}, {"criteria": "cpe:2.3:o:huawei:ar3200_firmware:v200r002c02:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "348D3FAA-7F95-45B8-8C74-EB64CCAD598D"}, {"criteria": "cpe:2.3:o:huawei:ar3200_firmware:v200r002c05:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4F6D01C4-1422-4C6E-8B73-BE2FF272C2F8"}, {"criteria": "cpe:2.3:o:huawei:ar3200_firmware:v200r003c00:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DB16E464-5373-44E2-8EC7-284D3CCCB1E8"}, {"criteria": "cpe:2.3:o:huawei:ar3200_firmware:v200r003c01:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C7653DC1-2293-4420-BC2A-2DC0FF2210E6"}, {"criteria": "cpe:2.3:o:huawei:ar3200_firmware:v200r003c05:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "07E47E05-41AE-4A2E-8A6E-592846115BD9"}, {"criteria": "cpe:2.3:o:huawei:ar3200_firmware:v200r005c00:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E2767D9E-1693-41FC-B30F-14C466D934C7"}, {"criteria": "cpe:2.3:o:huawei:ar3200_firmware:v200r005c10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5FF4878C-F659-4BB5-82C4-4816019ABF89"}, {"criteria": "cpe:2.3:o:huawei:ar3200_firmware:v200r005c20:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3C10C07E-5194-4EAB-9AC8-DB87CE52F5FA"}, {"criteria": "cpe:2.3:o:huawei:ar3200_firmware:v200r005c21:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A4BFA2E2-8AB9-47BF-B96B-8E793FA4CC1D"}, {"criteria": "cpe:2.3:o:huawei:ar3200_firmware:v200r005c30:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "33A23E16-0A80-46ED-A458-44B75D956F5E"}, {"criteria": "cpe:2.3:o:huawei:ar3200_firmware:v200r005c31:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F3799E69-4530-4F0E-AC5E-826533844DAD"}, {"criteria": "cpe:2.3:o:huawei:ar3200_firmware:v200r005c32:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7FE26EE9-2331-4D72-96CF-635A0A4EBE3E"}, {"criteria": "cpe:2.3:o:huawei:ar3200_firmware:v200r006c00:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1C4A3DEA-6250-4947-8E37-FD59DCF5F580"}, {"criteria": "cpe:2.3:o:huawei:ar3200_firmware:v200r006c10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DB9A3444-A485-4B87-B910-F3DA5C8E5D74"}, {"criteria": "cpe:2.3:o:huawei:ar3200_firmware:v200r006c11:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B8BE6310-A42C-4BB3-BB02-7CE6F4FF340D"}, {"criteria": "cpe:2.3:o:huawei:ar3200_firmware:v200r006c12:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9143EC6C-C770-4EBA-96A2-E3B32DB2A203"}, {"criteria": "cpe:2.3:o:huawei:ar3200_firmware:v200r006c13:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "72B5D4B8-C38C-4932-B5AB-9C2E8EBB79B1"}, {"criteria": "cpe:2.3:o:huawei:ar3200_firmware:v200r006c15:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5FCA26EA-4870-418E-8866-F6F99F070BFE"}, {"criteria": "cpe:2.3:o:huawei:ar3200_firmware:v200r006c16:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8842D3B3-82AB-44BA-9619-8F02BA06BFA5"}, {"criteria": "cpe:2.3:o:huawei:ar3200_firmware:v200r006c17:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B7A9A6BB-00B6-42A8-A9A0-54E4C27BEE5D"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:ar3200:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "9309E1AA-0C4E-422C-9307-A8DD0AE5D576"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cve@mitre.org"}

9.8 /10