CVE-2017-15308
CVE-2017-15308
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS —EPSS 0.9%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
22 Dec 2017Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Huawei iReader app before 8.0.2.301 has an input validation vulnerability due to insufficient validation on the URL used for loading network data. An attacker can control app access and load malicious websites created by the attacker, and the code in webpages would be loaded and run.
Affected products
Huawei Technologies Co., Ltd. · iReaderWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →