Description
Huawei iReader app before 8.0.2.301 has a path traversal vulnerability due to insufficient validation on file storage paths. An attacker can exploit this vulnerability to store downloaded malicious files in an arbitrary directory.
Affected products
- Huawei Technologies Co., Ltd. / iReaderbefore 8.0.2.301 – before 8.0.2.301