CVE-2017-15309
Description
Huawei iReader app before 8.0.2.301 has a path traversal vulnerability due to insufficient validation on file storage paths. An attacker can exploit this vulnerability to store downloaded malicious files in an arbitrary directory.
Risk Information
Base Score
7.1
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:L
EPSS Score
Exploitation Probability
0.147
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability (CVE-2017-15309) | NCM |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234