Directory Traversal Vulnerability in Huawei Routers
CVE-2015-8228

Currently unrated

Key Information:

Vendor: Huawei
Status: Ar Firmware
Vendor: CVE Published:; 24 November 2015

Summary

A directory traversal vulnerability exists in the SFTP server of Huawei AR series routers, which can be exploited by remote authenticated users. This flaw enables attackers to navigate outside the intended directories and gain unauthorized access to sensitive files or other directory locations. It affects multiple models with software versions prior to V200R006SPH003, posing a significant risk to network security. The vulnerability is activated through various unspecified vectors, emphasizing the need for timely patching and security measures to mitigate potential threats.

References

http://www1.huawei.com/en/security/psirt/security-bulleti...

x_refsource_CONFIRM

Timeline

Vulnerability published
Nov 24, 2015
Vulnerability Reserved
Nov 17, 2015