Huawei : Security Vulnerabilities, CVEs, (Directory traversal)
Path traversal vulnerability in the Bluetooth-based sharing module.
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Max CVSS
N/A
EPSS Score
0.04%
Published
2024-04-07
Updated
2024-04-08
Vulnerability of file path verification being bypassed in the email module.
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Max CVSS
N/A
EPSS Score
0.04%
Published
2024-04-08
Updated
2024-04-08
Redirection permission verification vulnerability in the home screen module. Successful exploitation of this vulnerability may cause features to perform abnormally.
Max CVSS
7.5
EPSS Score
0.05%
Published
2023-09-25
Updated
2023-09-25
The Watchkit has a risk of unauthorized file access.Successful exploitation of this vulnerability may affect confidentiality and integrity.
Max CVSS
9.1
EPSS Score
0.09%
Published
2023-09-25
Updated
2023-09-25
Parameter verification vulnerability in the installd module. Successful exploitation of this vulnerability may cause sandbox files to be read and written without authorization.
Max CVSS
9.1
EPSS Score
0.09%
Published
2023-08-13
Updated
2023-08-17
Parameter verification vulnerability in the installd module. Successful exploitation of this vulnerability may cause sandbox files to be read and written without authorization.
Max CVSS
9.1
EPSS Score
0.09%
Published
2023-08-13
Updated
2023-08-17
Parameter verification vulnerability in the installd module. Successful exploitation of this vulnerability may cause sandbox files to be read and written without authorization.
Max CVSS
9.1
EPSS Score
0.09%
Published
2023-08-13
Updated
2023-08-17
The Always On Display (AOD) has a path traversal vulnerability in theme files. Successful exploitation of this vulnerability may cause a failure in reading AOD theme resources.
Max CVSS
5.3
EPSS Score
0.08%
Published
2023-03-27
Updated
2023-04-03
Huawei Aslan Children's Watch has a path traversal vulnerability. Successful exploitation may allow attackers to access or modify protected system resources.
Max CVSS
7.8
EPSS Score
0.04%
Published
2022-12-28
Updated
2023-01-06
The backup module has a path traversal vulnerability. Successful exploitation of this vulnerability causes unauthorized access to other system files.
Max CVSS
7.5
EPSS Score
0.15%
Published
2022-12-20
Updated
2022-12-29
The number identification module has a path traversal vulnerability. Successful exploitation of this vulnerability may cause data disclosure.
Max CVSS
7.5
EPSS Score
0.24%
Published
2022-09-16
Updated
2022-09-21
The multi-screen collaboration module has a path traversal vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.
Max CVSS
7.5
EPSS Score
0.15%
Published
2022-12-20
Updated
2023-01-09
HwPCAssistant has a path traversal vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.
Max CVSS
5.3
EPSS Score
0.08%
Published
2022-01-10
Updated
2022-01-13
The CaasKit module has a path traversal vulnerability. Successful exploitation of this vulnerability may cause the MeeTime application to be unavailable.
Max CVSS
5.3
EPSS Score
0.08%
Published
2022-01-10
Updated
2022-01-13
HwPCAssistant has a Improper Input Validation vulnerability.Successful exploitation of this vulnerability may create any file with the system app permission.
Max CVSS
7.5
EPSS Score
0.09%
Published
2022-01-03
Updated
2022-01-13
There is a path traversal vulnerability in Huawei FusionCube 6.0.2.The vulnerability is due to that the software uses external input to construct a pathname that is intended to identify a directory that is located underneath a restricted parent directory, but the software does not properly validate the pathname. Successful exploit could allow the attacker to access a location that is outside of the restricted directory by a crafted filename.
Max CVSS
7.5
EPSS Score
0.15%
Published
2021-10-27
Updated
2021-10-28
HwPCAssistant has a Path Traversal vulnerability .Successful exploitation of this vulnerability may write any file.
Max CVSS
9.8
EPSS Score
0.18%
Published
2022-01-03
Updated
2022-01-11
Arbitrary file has a Exposure of Sensitive Information to an Unauthorized Actor vulnerability .Successful exploitation of this vulnerability may cause the directory is traversed.
Max CVSS
7.5
EPSS Score
0.15%
Published
2022-01-03
Updated
2022-01-11
There is a path traversal vulnerability in Huawei PC product. Because the product does not filter path with special characters,attackers can construct a file path with special characters to exploit this vulnerability. Successful exploitation could allow the attacker to transport a file to certain path.Affected product versions include:PC Smart Full Scene 11.1 versions PCManager 11.1.1.97.
Max CVSS
6.5
EPSS Score
0.05%
Published
2021-10-27
Updated
2021-10-28
There is a Path Traversal vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to delete any file.
Max CVSS
9.1
EPSS Score
0.09%
Published
2021-12-07
Updated
2021-12-09
There is a Path Traversal vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to attackers can write any content to any file.
Max CVSS
9.1
EPSS Score
0.16%
Published
2021-12-07
Updated
2021-12-09
There is a Path Traversal vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to attackers can create arbitrary file.
Max CVSS
9.1
EPSS Score
0.16%
Published
2021-12-07
Updated
2021-12-09
There is a Improper Limitation of a Pathname to a Restricted Directory vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to arbitrary file created.
Max CVSS
9.1
EPSS Score
0.16%
Published
2021-12-07
Updated
2021-12-09
There is a Improper Access Control vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability will cause media files which can be reads and writes in non-distributed directories on any device on the network..
Max CVSS
6.5
EPSS Score
0.08%
Published
2021-11-23
Updated
2022-05-03
There is a path traversal vulnerability in some Huawei products. The vulnerability is due to that the software uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the software does not properly validate the pathname. Successful exploit could allow the attacker to access a location that is outside of the restricted directory by a crafted filename. Affected product versions include:HUAWEI Mate 20 9.0.0.195(C01E195R2P1), 9.1.0.139(C00E133R3P1);HUAWEI Mate 20 Pro 9.0.0.187(C432E10R1P16), 9.0.0.188(C185E10R2P1), 9.0.0.245(C10E10R2P1), 9.0.0.266(C432E10R1P16), 9.0.0.267(C636E10R2P1), 9.0.0.268(C635E12R1P16), 9.0.0.278(C185E10R2P1); Hima-L29C 9.0.0.105(C10E9R1P16), 9.0.0.105(C185E9R1P16), 9.0.0.105(C636E9R1P16); Laya-AL00EP 9.1.0.139(C786E133R3P1); OxfordS-AN00A 10.1.0.223(C00E210R5P1); Tony-AL00B 9.1.0.257(C00E222R2P1).
Max CVSS
4.6
EPSS Score
0.07%
Published
2021-07-13
Updated
2021-07-15