2 matches found
CVE-2017-15309
CVE-2017-15309 corresponds to a path traversal vulnerability in Huawei iReader (pre-8.0.2.301). The issue arises from insufficient validation of file storage paths, allowing an attacker to store downloaded malicious files in arbitrary directories. ZDI advisories confirm local exploitation vectors...
Security Advisory - Multiple Security Vulnerabilities in Huawei iReader
Huawei iReader app has three security vulnerabilities. The app has an input validation vulnerability due to insufficient validation on the URL used for loading network data. An attacker can control app access and load malicious websites created by the attacker, and the code in webpages would be...