CVE-2012-6569
critical
CVSS v3
—
CVSS v2
9.3
VIR risk
9.3
Description
Stack-based buffer overflow in the HTTP module in the (1) Branch Intelligent Management System (BIMS) and (2) web management components on Huawei AR routers and S2000, S3000, S3500, S3900, S5100, S5600, S7800, and S8500 switches allows remote attackers to execute arbitrary code via a long URI.
Predictions
Exploit likelihood
20%
Patch ETA
—
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
Vendor advisory: cve@mitre.org — http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-u_194370.htm
References
CWEs
CWE-119
Verify integrity in audit chain (admin only). AS-IS.