(Pwn2Own) Huawei Reader Insecure Plugin Loading Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Huawei Reader. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of...

(Pwn2Own) Huawei Reader onChapPack Directory Traversal File Deletion Vulnerability

This vulnerability allows local attackers to delete arbitrary files on vulnerable installations of Huawei Reader. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of t...

(Pwn2Own) Huawei Reader FileName Directory Traversal Privilege Escalation Vulnerability

This vulnerability allows local attackers to create arbitrary files on vulnerable installations of Huawei Reader. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of...

Huawei Palm Reader APP Input Check Vulnerability

Huawei Read is the built-in mobile reading software for Huawei phones. An input validation vulnerability exists in the Huawei Reader App due to a failure to adequately validate the URL used when the software loads web data.An attacker could use this vulnerability to control access to the App, whi...