Vulnerabilities > CVE-2017-8185 - Exposure of Resource to Wrong Sphere vulnerability in Huawei Me906S-158 Firmware

047910
CVSS 7.2 - HIGH
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
local
low complexity
huawei
CWE-668

Summary

ME906s-158 earlier than ME906S_Installer_13.1805.10.3 versions has a privilege elevation vulnerability. An attacker could exploit this vulnerability to modify the configuration information containing malicious files and trick users into executing the files, resulting in the execution of arbitrary code.

Vulnerable Configurations

Part Description Count
OS
Huawei
1
Hardware
Huawei
1

Common Weakness Enumeration (CWE)