HedEx Earlier than V200R006C00 versions has a dynamic link library (DLL) hijacking vulnerability due to calling the DDL file by accessing a relative path. An attacker could exploit this vulnerability to tamper with the DLL file, leading to DLL hijacking.
References
Link | Resource |
---|---|
http://www.huawei.com/en/psirt/security-advisories/2017/huawei-sa-20170531-01-hedex-en | Issue Tracking Vendor Advisory |
http://www.huawei.com/en/psirt/security-advisories/2017/huawei-sa-20170531-01-hedex-en | Issue Tracking Vendor Advisory |
Configurations
History
21 Nov 2024, 03:33
Type | Values Removed | Values Added |
---|---|---|
References | () http://www.huawei.com/en/psirt/security-advisories/2017/huawei-sa-20170531-01-hedex-en - Issue Tracking, Vendor Advisory |
Information
Published : 2017-11-22 19:29
Updated : 2024-11-21 03:33
NVD link : CVE-2017-8137
Mitre link : CVE-2017-8137
CVE.ORG link : CVE-2017-8137
JSON object : View
Products Affected
huawei
- hedex_lite
CWE
CWE-426
Untrusted Search Path