Buffer overflow in Huawei Ar_18-1x

CVE-2012-6570

The HTTP module in the (1) Branch Intelligent Management System (BIMS) and (2) web management components on Huawei AR routers and S2000, S3000, S3500, S3900, S5100, S5600, S7800, and S8500 switches does not check whether HTTP data is longe…

Vulnerability class: Buffer Overflow

EPSS: 0.007 (71.6th percentile) — read the EPSS interpretation.

Affected products

Huawei Ar_18-1x
Huawei Ar_18-2x
Huawei Ar_18-3x
Huawei Ar_19\/29\/49
Huawei Ar_28\/46
Huawei S2000 — versions r6305
Huawei S2300 — versions r6305
Huawei S2700 — versions r6305
Huawei S3000 — versions r6305
Huawei S3300 — versions r6305

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

References

cve@mitre.org (x_refsource_CONFIRM, Vendor Advisory)