CVEs-PoC/2016/CVE-2016-8802.md

### [CVE-2016-8802](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8802)
![](https://img.shields.io/static/v1?label=Product&message=Secospace%20USG6300%2CSecospace%20USG6500%2CSecospace%20USG6600%20Secospace%20USG6300%20V500R001C20SPC100%2C%20V500R001C20SPC101%2C%20V500R001C20SPC200%2CSecospace%20USG6500%20V500R001C20SPC100%2C%20V500R001C20SPC101%2C%20V500R001C20SPC200%2CSecospace%20USG6600%20V500R001C20SPC100%2C%20V500R001C20SPC101%2C%20V500R001C20SPC200%2C&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=Secospace%20USG6300%2CSecospace%20USG6500%2CSecospace%20USG6600%20Secospace%20USG6300%20V500R001C20SPC100%2C%20V500R001C20SPC101%2C%20V500R001C20SPC200%2CSecospace%20USG6500%20V500R001C20SPC100%2C%20V500R001C20SPC101%2C%20V500R001C20SPC200%2CSecospace%20USG6600%20V500R001C20SPC100%2C%20V500R001C20SPC101%2C%20V500R001C20SPC200%2C%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=buffer%20overflow&color=brightgreen)

### Description

The security policy processing module in Huawei Secospace USG6300 with software V500R001C20SPC100, V500R001C20SPC101, V500R001C20SPC200; Secospace USG6500 with software V500R001C20SPC100, V500R001C20SPC101, V500R001C20SPC200; Secospace USG6600 with software V500R001C20SPC100, V500R001C20SPC101, V500R001C20SPC200 allows authenticated attackers to setup a specific security policy into the devices, causing a buffer overflow and crashing the system.

### POC

#### Reference
- http://www.securityfocus.com/bid/94538

#### Github
No PoCs found on GitHub currently.