VYPR
High severity7.1NVD Advisory· Published Dec 22, 2017· Updated Jun 17, 2026

CVE-2017-15309

CVE-2017-15309

Description

Huawei iReader app before 8.0.2.301 has a path traversal vulnerability due to insufficient validation on file storage paths. An attacker can exploit this vulnerability to store downloaded malicious files in an arbitrary directory.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

3
  • Huawei/iReader2 versions
    cpe:2.3:a:huawei:ireader:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:huawei:ireader:*:*:*:*:*:*:*:*range: <8.0.2.301
    • (no CPE)range: <8.0.2.301
  • Huawei Technologies Co., Ltd./iReaderv5
    Range: before 8.0.2.301

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.