CVE-2017-2739

Summary

The upgrade package of Huawei Vmall APP Earlier than HwVmall 1.5.3.0 versions is transferred through HTTP. A man in the middle (MITM) can tamper with the upgrade package of Huawei Vmall APP, and to implant the malicious applications.

Affected Software

VendorProductVersion RangeStatus
Huawei Technologies Co., Ltd.VmallEarlier than HwVmall 1.5.3.0 versionsaffected

Weaknesses

  • MITM

ADP Enrichment

CVE Program Container

Additional References

References