Security Advisory - Memory Leak Vulnerability on Several Products

Type huawei
Reporter Huawei Technologies
Modified 2018-07-04T00:00:00


There is a memory leak vulnerability on several products. The software does not release allocated memory properly when processing Protal questionnaire. A remote attacker could send a lot questionnaires to the device, successful exploit could cause the device to reboot since running out of memory. (Vulnerability ID: HWPSIRT-2017-07145)

This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2018-7994.

Huawei has released software updates to fix this vulnerability. This advisory is available at the following link: