CVE-2016-2314

Published on: 02/14/2016 12:00:00 AM UTC

Last Modified on: 03/23/2021 11:27:15 PM UTC

CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

Certain versions of Mt882 from Huawei contain the following vulnerability:

GlobespanVirata ftpd 1.0, as used on Huawei SmartAX MT882 devices V200R002B022 Arg, allows remote authenticated users to cause a denial of service (device outage) by using the FTP MKD command to create a directory with a long name, and then using certain other commands.

  • CVE-2016-2314 has been assigned by [email protected] to track the vulnerability - currently rated as MEDIUM severity.

CVSS3 Score: 4.9 - MEDIUM

Attack
Vector
Attack
Complexity
Privileges
Required
User
Interaction
NETWORK LOW HIGH NONE
Scope Confidentiality
Impact
Integrity
Impact
Availability
Impact
UNCHANGED NONE NONE HIGH

CVSS2 Score: 6.3 - MEDIUM

Access
Vector
Access
Complexity
Authentication
NETWORK MEDIUM SINGLE
Confidentiality
Impact
Integrity
Impact
Availability
Impact
NONE NONE COMPLETE

CVE References

Description Tags Link
Security Advisory: FTP Vulnerability | Debi Higa Exploit
debihiga.wordpress.com
text/html
URL Logo MISC debihiga.wordpress.com/sa-ftp/

Known Affected Configurations (CPE V2.3)

Type Vendor Product Version Update Edition Language
HardwareHuaweiMt882-AllAllAll
HardwareHuaweiMt882-AllAllAll
Operating
System
HuaweiMt882 Firmwarev200r002b022_argAllAllAll
Operating
System
HuaweiMt882 Firmwarev200r002b022_argAllAllAll
  • cpe:2.3:h:huawei:mt882:-:*:*:*:*:*:*:*:
  • cpe:2.3:h:huawei:mt882:-:*:*:*:*:*:*:*:
  • cpe:2.3:o:huawei:mt882_firmware:v200r002b022_arg:*:*:*:*:*:*:*:
  • cpe:2.3:o:huawei:mt882_firmware:v200r002b022_arg:*:*:*:*:*:*:*: