4 matches found
Arbitrary file deletion
OpenHarmony-v3.1.2 and prior versions had an Arbitrary file read vulnerability via downloadserver. Local attackers can install an malicious application on the device and reveal any file from the filesystem that is accessible to downloadserver service which run with UID 1000...
CVE-2022-43449 Arbitrary file read via download_server.
OpenHarmony-v3.1.2 and prior versions had an Arbitrary file read vulnerability via downloadserver. Local attackers can install an malicious application on the device and reveal any file from the filesystem that is accessible to downloadserver service which run with UID 1000...
CVE-2022-43449
OpenHarmony v3.1.2 and earlier are affected by an Arbitrary file read via the download_server component. The download_server service runs with UID 1000, allowing a local attacker to install a malicious app and read any filesystem file accessible to the service. The description across connected so...
CVE-2022-43449 Arbitrary file read via download_server.
OpenHarmony-v3.1.2 and prior versions had an Arbitrary file read vulnerability via downloadserver. Local attackers can install an malicious application on the device and reveal any file from the filesystem that is accessible to downloadserver service which run with UID 1000...