Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2019-5221

Опубликовано: 10 июл. 2019
Источник: nvd
CVSS3: 6.5
CVSS2: 3.3
EPSS Низкий

Описание

There is a path traversal vulnerability on Huawei Share. The software does not properly validate the path, an attacker could crafted a file path when transporting file through Huawei Share, successful exploit could allow the attacker to transport a file to arbitrary path on the phone. Affected products: Mate 20 X versions earlier than Ever-L29B 9.1.0.300(C432E3R1P12), versions earlier than Ever-L29B 9.1.0.300(C636E3R2P1), and versions earlier than Ever-L29B 9.1.0.300(C185E3R3P1).

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:huawei:mate_20_x_firmware:*:*:*:*:*:*:*:*
Версия до ever-l29b_9.1.0.300\(c636e3r2p1\) (исключая)
cpe:2.3:h:huawei:mate_20_x:-:*:*:*:*:*:*:*
Конфигурация 2

Одновременно

cpe:2.3:o:huawei:mate_20_x_firmware:*:*:*:*:*:*:*:*
Версия до ever-l29b_9.1.0.300\(c432e3r1p12\) (исключая)
cpe:2.3:h:huawei:mate_20_x:-:*:*:*:*:*:*:*
Конфигурация 3

Одновременно

cpe:2.3:o:huawei:mate_20_x_firmware:*:*:*:*:*:*:*:*
Версия до ever-l29b_9.1.0.300\(c185e3r3p1\) (исключая)
cpe:2.3:h:huawei:mate_20_x:-:*:*:*:*:*:*:*

EPSS

Процентиль: 14%
0.00045
Низкий

6.5 Medium

CVSS3

3.3 Low

CVSS2

Дефекты

CWE-22

Связанные уязвимости

github логотип

GHSA-92v3-xfvv-5c39

CVSS3: 6.5
github
больше 3 лет назад

There is a path traversal vulnerability on Huawei Share. The software does not properly validate the path, an attacker could crafted a file path when transporting file through Huawei Share, successful exploit could allow the attacker to transport a file to arbitrary path on the phone. Affected products: Mate 20 X versions earlier than Ever-L29B 9.1.0.300(C432E3R1P12), versions earlier than Ever-L29B 9.1.0.300(C636E3R2P1), and versions earlier than Ever-L29B 9.1.0.300(C185E3R3P1).

EPSS

Процентиль: 14%
0.00045
Низкий

6.5 Medium

CVSS3

3.3 Low

CVSS2

Дефекты

CWE-22