Mate 9 smartphones with software MHA-AL00AC00B125 have a directory traversal vulnerability in Push module. Since the system does not verify the file name during decompression, system directories are traversed. It could be exploited to cause the attacker to replace files and impact the service.
References
Link | Resource |
---|---|
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170712-01-push-en | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: huawei
Published: 2017-11-15T00:00:00
Updated: 2017-11-22T18:57:01
Reserved: 2016-12-01T00:00:00
Link: CVE-2017-2706
JSON object: View
NVD Information
Status : Analyzed
Published: 2017-11-22T19:29:00.803
Modified: 2017-12-11T17:01:34.320
Link: CVE-2017-2706
JSON object: View
Redhat Information
No data.
CWE