CVE-2017-15309

Summary

Huawei iReader app before 8.0.2.301 has a path traversal vulnerability due to insufficient validation on file storage paths. An attacker can exploit this vulnerability to store downloaded malicious files in an arbitrary directory.

Affected Software

VendorProductVersion RangeStatus
Huawei Technologies Co., Ltd.iReaderbefore 8.0.2.301affected

Weaknesses

  • path traversal

ADP Enrichment

CVE Program Container

Additional References

References