← back
CVE-2017-15309

CVE-2017-15309

EPSS 1.0%
Huawei iReader app before 8.0.2.301 has a path traversal vulnerability due to insufficient validation on file storage paths. An attacker can exploit this vulnerability to store downloaded malicious files in an arbitrary directory.
Affected products
Huawei Technologies Co., Ltd. · iReader

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://www.huawei.com/en/psirt/security-advisories/2017/huawei-sa-20171120-01-hwreader-en