CVE-2021-37130

Summary

There is a path traversal vulnerability in Huawei FusionCube 6.0.2.The vulnerability is due to that the software uses external input to construct a pathname that is intended to identify a directory that is located underneath a restricted parent directory, but the software does not properly validate the pathname. Successful exploit could allow the attacker to access a location that is outside of the restricted directory by a crafted filename.

Affected Software

VendorProductVersion RangeStatus
n/aFusionCube6.0.2affected

Weaknesses

  • Path Traversal

ADP Enrichment

CVE Program Container

Additional References

References