Vulnerabilities > Huawei > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-01-10 CVE-2021-40001 Path Traversal vulnerability in Huawei Harmonyos
The CaasKit module has a path traversal vulnerability.
network
low complexity
huawei CWE-22
5.3
2022-01-10 CVE-2021-40003 Path Traversal vulnerability in Huawei Harmonyos
HwPCAssistant has a path traversal vulnerability.
network
low complexity
huawei CWE-22
5.3
2022-01-10 CVE-2021-40006 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Huawei Harmonyos 2.0
Vulnerability of design defects in the security algorithm component.
low complexity
huawei CWE-327
4.6
2022-01-10 CVE-2021-40009 Out-of-bounds Write vulnerability in Huawei Emui, Harmonyos and Magic UI
There is an Out-of-bounds write vulnerability in the AOD module in smartphones.
network
low complexity
huawei CWE-787
5.3
2022-01-10 CVE-2021-40037 Type Confusion vulnerability in Huawei Emui, Harmonyos and Magic UI
There is a Vulnerability of accessing resources using an incompatible type (type confusion) in the MPTCP subsystem in smartphones.
local
low complexity
huawei CWE-843
5.5
2022-01-10 CVE-2021-40041 Cross-site Scripting vulnerability in Huawei Ws318N-21 Firmware 10.0.2.2/10.0.2.5/10.0.2.6
There is a Cross-Site Scripting(XSS) vulnerability in HUAWEI WS318n product when processing network settings.
local
low complexity
huawei CWE-79
4.2
2022-01-03 CVE-2021-37112 Exposure of Resource to Wrong Sphere vulnerability in Huawei Harmonyos
Hisuite module has a External Control of System or Configuration Setting vulnerability.Successful exploitation of this vulnerability may lead to Firmware leak.
network
low complexity
huawei CWE-668
5.3
2022-01-03 CVE-2021-37114 Out-of-bounds Read vulnerability in Huawei Emui, Harmonyos and Magic UI
There is an Out-of-bounds read vulnerability in Smartphone.Successful exploitation of this vulnerability may affect service confidentiality.
network
low complexity
huawei CWE-125
5.3
2022-01-03 CVE-2021-37118 Improper Handling of Exceptional Conditions vulnerability in Huawei Harmonyos
The HwNearbyMain module has a Improper Handling of Exceptional Conditions vulnerability.Successful exploitation of this vulnerability may lead to message leak.
network
low complexity
huawei CWE-755
5.3
2022-01-03 CVE-2021-37132 Incorrect Default Permissions vulnerability in Huawei Harmonyos
PackageManagerService has a Permissions, Privileges, and Access Controls vulnerability .Successful exploitation of this vulnerability may cause that Third-party apps can obtain the complete list of Harmony apps without permission.
network
low complexity
huawei CWE-276
5.3