KEVIntel
Back to KEVs
8.8
CVSS
High

CVE-2017-17215

PUBLISHED

Huawei HG532 with some customized versions has a remote code execution vulnerability. An authenticated attacker could send malicious packets to...

Exploited in the wild Used in malware PoC available Remote Low complexity No user interaction
Vendor
Huawei Technologies Co., Ltd.
Product
HG532
Published
Mar 20, 2018
EPSS

Description

Huawei HG532 with some customized versions has a remote code execution vulnerability. An authenticated attacker could send malicious packets to port 37215 to launch attacks. Successful exploit could lead to the remote execution of arbitrary code.

malware test edge

CVSS scores

CVSS v3.0 8.8 High

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS v2.0 6.5

AV:N/AC:L/Au:S/C:P/I:P/A:P

Exploitation status

Exploited in the wild

Recorded 2025-04-22 00:00:00 UTC · Source

Used in test malware

Proof of concept available

Recorded 2017-12-25 06:11:24 UTC · Source

References

Known exploited vulnerability sources

Catalogues that list this CVE as a known exploited vulnerability.

Source Added
The Shadowserver (via CIRCL) Apr 28, 2025

Potential proof of concepts

These PoCs are unverified and could contain malware. Use at your own risk.

ltfafei/HuaWei_Route_HG532_RCE_CVE-2017-17215

github · Created 2022-11-02 14:07:08 UTC · 0 stars

POCsuite与goland实现华为HG532路由器命令注入CVE-2017-17215 POC

1337g/CVE-2017-17215

github · Created 2017-12-25 06:11:24 UTC · 25 stars

CVE-2017-17215 HuaWei Router RCE (NOT TESTED)

Timeline

  • CVE ID Reserved

  • Proof of Concept Exploit Available

  • CVE Published to Public

  • Added to KEVIntel