Vulnerabilities > Huawei > P2 6011 Firmware

DATE CVE VULNERABILITY TITLE RISK
2020-01-14 CVE-2014-2271 Improper Input Validation vulnerability in multiple products
cn.wps.moffice.common.beans.print.CloudPrintWebView in Kingsoft Office 5.3.1, as used in Huawei P2 devices before V100R001C00B043, falls back to HTTP when the HTTPS connection to the registry fails, which allows man-in-the-middle attackers to conduct downgrade attacks and execute arbitrary Java code by leveraging a network position between the client and the registry to block HTTPS traffic.
network
high complexity
wps huawei CWE-20
8.1