CVE-2019-5221
Description
There is a path traversal vulnerability on Huawei Share. The software does not properly validate the path, an attacker could crafted a file path when transporting file through Huawei Share, successful exploit could allow the attacker to transport a file to arbitrary path on the phone. Affected products: Mate 20 X versions earlier than Ever-L29B 9.1.0.300(C432E3R1P12), versions earlier than Ever-L29B 9.1.0.300(C636E3R2P1), and versions earlier than Ever-L29B 9.1.0.300(C185E3R3P1).
Risk Information
Base Score
6.5
MODERATE
Vector
CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
EPSS Score
Exploitation Probability
0.045
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2019-5220 ,CVE-2019-5221 are affected in mate_20_x_firmware 10.1.0.160(c01e160r2p8) | NCM |
| Vulnerabilities CVE-2019-5220 ,CVE-2019-5221 are affected in mate_20_x_firmware 10.0.0.176(c00e70r2p8) | NCM |
| Vulnerabilities CVE-2019-5220 ,CVE-2019-5221 are affected in mate_20_x_firmware 9.1.0.135(c00e133r2p1) | NCM |
| Vulnerabilities CVE-2019-5221 are affected in mate_20_x_firmware ever-l29b_9.1.0.300(c636e3r2p1) | NCM |
| Vulnerabilities CVE-2019-5221 are affected in mate_20_x_firmware ever-l29b_9.1.0.300(c432e3r1p12) | NCM |
| Vulnerabilities CVE-2019-5221 are affected in mate_20_x_firmware ever-l29b_9.1.0.300(c185e3r3p1) | NCM |
| Vulnerabilities CVE-2019-5221 are affected in mate_20_x_firmware ever-al00b_9.0.0.200(c00e200r2p1) | NCM |
| Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability (CVE-2019-5221) | NCM |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234