2 matches found
CVE-2017-2739
CVE-2017-2739 describes a MITM risk in Huawei Vmall APP upgrades: the upgrade package is transferred over HTTP, allowing an attacker on an adjacent network to tamper with the package and implant malicious code. The issue stems from unencrypted upgrade delivery, with impact described as tampering/...
Security Advisory - MITM Vulnerability in Huawei Vmall APP
The upgrade package of Huawei Vmall APP is transferred through HTTP. A man in the middle MITM can tamper with the upgrade package of Huawei Vmall APP, and to implant the malicious applications. Vulnerability ID: HWPSIRT-2016-11068 This vulnerability has been assigned a Common Vulnerabilities and...