CVE-2016-2314 — MEDIUM (4.9)

Vulnerability Description

GlobespanVirata ftpd 1.0, as used on Huawei SmartAX MT882 devices V200R002B022 Arg, allows remote authenticated users to cause a denial of service (device outage) by using the FTP MKD command to create a directory with a long name, and then using certain other commands.

CVSS Score

4.9

MEDIUM

CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

NONE

Integrity

NONE

Availability

HIGH

Affected Products

Vendor	Product	Versions
Huawei	Mt882	-
Huawei	Mt882 Firmware	v200r002b022_arg

Related Weaknesses (CWE)

CWE-17

References

https://debihiga.wordpress.com/sa-ftp/Exploit
https://debihiga.wordpress.com/sa-ftp/Exploit

FAQ

What is CVE-2016-2314?

CVE-2016-2314 is a vulnerability with a CVSS score of 4.9 (MEDIUM). GlobespanVirata ftpd 1.0, as used on Huawei SmartAX MT882 devices V200R002B022 Arg, allows remote authenticated users to cause a denial of service (device outage) by using the FTP MKD command to creat...

How severe is CVE-2016-2314?

CVE-2016-2314 has been rated MEDIUM with a CVSS base score of 4.9/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2016-2314?

Check the references section above for vendor advisories and patch information. Affected products include: Huawei Mt882, Huawei Mt882 Firmware.