Medium severity5.4NVD Advisory· Published Nov 22, 2017· Updated May 13, 2026

CVE-2017-8178

Description

Huawei Email APP Vicky-AL00 smartphones with software of earlier than VKY-AL00C00B171 versions has a stored cross-site scripting vulnerability. A remote attacker could exploit this vulnerability to send email that storing malicious code to a smartphone and waiting for a user to access this email that triggers execution of the code. An exploit could allow the attacker to execute arbitrary script code on the affected device.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

Huawei/Vicky Al00 Firmware
cpe:2.3:o:huawei:vicky-al00_firmware:*:*:*:*:*:*:*:*
Range: <vky-al00c00b171
Huawei/Email APPllm-create
Range: < VKY-AL00C00B171
Huawei Technologies Co., Ltd./Vicky-AL00v5
Range: Earlier than VKY-AL00C00B171 versions

Patches

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.huawei.com/en/psirt/security-advisories/2017/huawei-sa-20170908-01-email-ennvdVendor Advisory

News mentions

No linked articles in our index yet.

cvss	0.351
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000