CVE-2016-8781

medium

Published 2017-04-02 · Modified 2026-05-13

CVSS v3

6.5

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CVSS v2

4.0

VIR risk

6.5

Description

Huawei Secospace USG6300 with software V500R001C20 and V500R001C20SPC200PWE, Secospace USG6500 with software V500R001C20, Secospace USG6600 with software V500R001C20 and V500R001C20SPC200PWE allow remote attackers with specific permission to log in to a device and deliver a large number of unspecified commands to exhaust memory, causing a DoS condition.

Predictions

Exploit likelihood

75%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: psirt@huawei.com — http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161214-01-firewall-en

References

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161214-01-firewall-en
http://www.securityfocus.com/bid/94927
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161214-01-firewall-en
http://www.securityfocus.com/bid/94927

CWEs

CWE-399

Verify integrity in audit chain (admin only). AS-IS.