JavaScript Injection Vulnerability in Huawei Smartphones
CVE-2021-22331
Summary
A JavaScript injection vulnerability exists in specific firmware versions of Huawei smartphones, which stems from insufficient input validation in a module. This flaw allows attackers to exploit the vulnerability by sending a malicious application request, potentially leading to a compromise of normal services. It is crucial for users to update to the latest firmware versions to mitigate the risk associated with this vulnerability.
Affected Version(s)
HUAWEI P30 Versions earlier than 10.1.0.165(C01E165R2P11),Versions earlier than 11.0.0.118(C635E2R1P3),Versions earlier than 11.0.0.120(C00E120R2P5),Versions earlier than 11.0.0.138(C10E4R5P3),Versions earlier than 11.0.0.138(C185E4R7P3),Versions earlier than 11.0.0.138(C432E8R2P3),Versions earlier than 11.0.0.138(C461E4R3P3),Versions earlier than 11.0.0.138(C605E4R1P3),Versions earlier than 11.0.0.138(C636E4R3P3)
References
CVSS V3.1
Timeline
Vulnerability published
Vulnerability Reserved