Описание
HedEx Earlier than V200R006C00 versions has a dynamic link library (DLL) hijacking vulnerability due to calling the DDL file by accessing a relative path. An attacker could exploit this vulnerability to tamper with the DLL file, leading to DLL hijacking.
Ссылки
- Issue TrackingVendor Advisory
- Issue TrackingVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до v200r006c00 (исключая)
cpe:2.3:a:huawei:hedex_lite:*:*:*:*:*:*:*:*
EPSS
Процентиль: 18%
0.00057
Низкий
7.8 High
CVSS3
9.3 Critical
CVSS2
Дефекты
CWE-426
Связанные уязвимости
CVSS3: 7.8
github
больше 3 лет назад
HedEx Earlier than V200R006C00 versions has a dynamic link library (DLL) hijacking vulnerability due to calling the DDL file by accessing a relative path. An attacker could exploit this vulnerability to tamper with the DLL file, leading to DLL hijacking.
EPSS
Процентиль: 18%
0.00057
Низкий
7.8 High
CVSS3
9.3 Critical
CVSS2
Дефекты
CWE-426