ME906s-158 earlier than ME906S_Installer_13.1805.10.3 versions has a privilege elevation vulnerability. An attacker could exploit this vulnerability to modify the configuration information containing malicious files and trick users into executing the files, resulting in the execution of arbitrary code.
References
Link | Resource |
---|---|
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170927-01-me906s-en | Vendor Advisory |
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170927-01-me906s-en | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
21 Nov 2024, 03:33
Type | Values Removed | Values Added |
---|---|---|
References | () http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170927-01-me906s-en - Vendor Advisory |
Information
Published : 2017-11-22 19:29
Updated : 2024-11-21 03:33
NVD link : CVE-2017-8185
Mitre link : CVE-2017-8185
CVE.ORG link : CVE-2017-8185
JSON object : View
Products Affected
huawei
- me906s-158
- me906s-158_firmware
CWE
CWE-668
Exposure of Resource to Wrong Sphere