CVE-2018-7933
N/A
N/A
Summary
Huawei home gateway products HiRouter-CD20 and WS5200 with the versions before HiRouter-CD20-10 1.9.6 and the versions before WS5200-10 1.9.6 have a path traversal vulnerability. Due to the lack of validation while these home gateway products install APK plugins, an attacker tricks a user into installing a malicious APK plugin, and plugin can overwrite arbitrary file of devices. Successful exploit may result in arbitrary code execution or privilege escalation.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Huawei Technologies Co., Ltd. | HiRouter-CD20, WS5200 | HiRouter-CD20 The versions before HiRouter-CD20-10 1.9.6, WS5200 The versions before WS5200-10 1.9.6 | affected |
Weaknesses
- path traversal
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.