Path Traversal Vulnerability in Huawei Devices
CVE-2017-2693
Summary
Multiple Huawei devices are susceptible to a path traversal vulnerability that can be leveraged by an attacker to decompress malicious files into a target directory. This issue arises from improper handling of file paths, allowing attackers to bypass security restrictions and manipulate file storage. It's essential for users of the affected devices to apply security updates and follow vendor recommendations to mitigate potential exploitation.
Affected Version(s)
P8 Lite,Mate 7,Mate S,P8,honor 6,honor 7,SHOTX,G8, ALE-L02C635B140 and earlier versions,ALE-L02C636B140 and earlier versions,ALE-L21C10B150 and earlier versions,ALE-L21C185B200 and earlier versions,ALE-L21C432B214 and earlier versions,ALE-L21C464B150 and earlier versions,ALE-L21C636B200 and earlier versions,ALE-L23C605B190 and earlier versions,ALE-TL00C01B250 and earlier versions,ALE-UL00C00B250 and earlier versions,MT7-L09C605B325 and earlier versions,MT7-L09C900B339 and earlier versions,MT7-TL10C900B339 and earlier versions,CRR-CL00C92B172 and earlier versions,CRR-L09C432B180 and earlier versions,CRR-TL00C01B172 and earlier versions,CRR-UL00C00B172 and earlier versions,CRR-UL20C432B171 and earlier versions,GRA-CL00C92B230 and earlier versions,GRA-L09C432B222 and earlier versions,GRA-TL00C01B230SP01 and earlier versions,GRA-UL00C00B230 and earlier versions,GRA-UL00C10B201 and earlier versions,GRA-UL00C432B220 and earlier versions,H60-L04C10B523 and earlier versions,H60-L04C185B523 and earlier versions,H60-L04C636B527 and earlier versions,H60- ...[truncated*]
References
CVSS V3.1
Timeline
Vulnerability published
Vulnerability Reserved