VYPR

iReader

by Huawei

CVEs (3)

  • CVE-2017-15308HigDec 22, 2017
    risk 0.57cvss 8.8epss 0.01

    Huawei iReader app before 8.0.2.301 has an input validation vulnerability due to insufficient validation on the URL used for loading network data. An attacker can control app access and load malicious websites created by the attacker, and the code in webpages would be loaded and…

  • CVE-2017-15309HigDec 22, 2017
    risk 0.46cvss 7.1epss 0.01

    Huawei iReader app before 8.0.2.301 has a path traversal vulnerability due to insufficient validation on file storage paths. An attacker can exploit this vulnerability to store downloaded malicious files in an arbitrary directory.

  • CVE-2017-15310MedDec 22, 2017
    risk 0.42cvss 6.5epss 0.01

    Huawei iReader app before 8.0.2.301 has an arbitrary file deletion vulnerability due to the lack of input validation. An attacker can exploit this vulnerability to delete specific files from the SD card.