CVE-2017-17134
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2017-17134
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
XML parser in Huawei DP300 V500R002C00; RP200 V500R002C00SPC200; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 has a DoS vulnerability. Due to not check the specially XML file enough an authenticated local attacker may craft specific XML files to the affected products and parse this file which cause to null pointer accessing and result in DoS attacks.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
多款Huawei产品XML解释器安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Huawei DP300等都是中国华为(Huawei)公司的产品。DP300是一款视频会议终端。RP200是一款视频会议一体机设备。XML parser是其中的一个XML解析器。 多款Huawei产品中的XML解释器存在拒绝服务漏洞,该漏洞源于程序对XML文件缺乏校验。本地攻击者可通过构造特定的XML文件利用该漏洞造成拒绝服务(访问空指针)。以下产品和版本受到影响:Huawei DP300 V500R002C00版本;RP200 V500R002C00SPC200版本,V600R006C00版本;TE30
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Huawei Technologies Co., Ltd. | DP300; RP200; TE30; TE40; TE50; TE60 | DP300 V500R002C00 | - |
II. Public POCs for CVE-2017-17134
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2017-17134
Please Login to view more intelligence information
Same Patch Batch · Huawei Technologies Co., Ltd. · 2018-03-05 · 16 CVEs total
| CVE-2017-17131 | 多款Huawei产品安全漏洞 | |
| CVE-2017-17132 | Huawei VP9660 License模块格式化字符串漏洞 | |
| CVE-2017-17133 | Huawei VP9660 License模块安全漏洞 | |
| CVE-2017-17135 | 多款Huawei产品PEM模块缓冲区错误漏洞 | |
| CVE-2017-17136 | 多款Huawei产品PEM模块缓冲区错误漏洞 | |
| CVE-2017-17137 | 多款Huawei产品PEM模块安全漏洞 | |
| CVE-2017-17138 | 多款Huawei产品PEM模块安全漏洞 | |
| CVE-2017-17139 | Huawei Mate 9和Mate 9 Pro 信息泄露漏洞 | |
| CVE-2017-17140 | Huawei Enjoy 5s和Y6 Pro 信息泄露漏洞 | |
| CVE-2017-17141 | 多款Huawei产品安全漏洞 | |
| CVE-2017-17142 | 多款Huawei产品缓冲区错误漏洞 | |
| CVE-2017-17143 | 多款Huawei产品缓冲区错误漏洞 | |
| CVE-2017-17144 | 多款Huawei产品SIP模块缓冲区错误漏洞 | |
| CVE-2017-8164 | 多款Huawei产品安全漏洞 | |
| CVE-2017-8165 | Huawei Mate 9 信息泄露漏洞 |
IV. Related Vulnerabilities
V. Comments for CVE-2017-17134
No comments yet