CVE-2016-8276
Description
Buffer overflow in the Point-to-Point Protocol over Ethernet (PPPoE) module in Huawei USG2100, USG2200, USG5100, and USG5500 unified security gateways with software before V300R001C10SPC600, when CHAP authentication is configured on the server, allows remote attackers to cause a denial of service (server restart) or execute arbitrary code via crafted packets sent during authentication.
Risk Information
Base Score
9.8
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
2.978
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2016-8276 are affected in usg2100 v300r001c10 | NCM |
| Vulnerabilities CVE-2016-8276 are affected in usg2100 v300r001c00 | NCM |
| Vulnerabilities CVE-2016-8276 are affected in usg2200 v300r001c10 | NCM |
| Vulnerabilities CVE-2016-8276 are affected in usg2200 v300r001c00 | NCM |
| Vulnerabilities CVE-2016-8276 are affected in usg5100 v300r001c10 | NCM |
| Vulnerabilities CVE-2016-8276 are affected in usg5100 v300r001c00 | NCM |
| Vulnerabilities CVE-2016-8276 are affected in usg5500 v300r001c10 | NCM |
| Vulnerabilities CVE-2016-8276 are affected in usg5500 v300r001c00 | NCM |
| Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2016-8276) | NCM |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234