CVE-2018-7923

Huawei ALP-L09 smart phones with versions earlier than ALP-L09 8.0.0.150(C432) have an insufficient input validation vulnerability due to lack of parameter check. An attacker tricks the user who has root privilege to install a crafted application, the application may modify the specific data to exploit the vulnerability. Successful exploit could allow the attacker to execute arbitrary code.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:huawei:alp-l09_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:huawei:alp-l09:-:*:*:*:*:*:*:*

History

21 Nov 2024, 04:12

Type Values Removed Values Added
References () http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180911-01-smartphone-en - Vendor Advisory () http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180911-01-smartphone-en - Vendor Advisory

Information

Published : 2018-09-12 15:29

Updated : 2024-11-21 04:12


NVD link : CVE-2018-7923

Mitre link : CVE-2018-7923

CVE.ORG link : CVE-2018-7923


JSON object : View

Products Affected

huawei

  • alp-l09
  • alp-l09_firmware
CWE
CWE-20

Improper Input Validation