CVE-2015-8228

CWE-22Path Traversal3 documents3 sources
Severity
4.0MEDIUM
EPSS
0.5%
top 32.28%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Huawei AR Firmware
Timeline
PublishedNov 24
Latest updateMay 17

Description

Directory traversal vulnerability in the SFTP server in Huawei AR 120, 150, 160, 200, 500, 1200, 2200, 3200, and 3600 routers with software before V200R006SPH003 allows remote authenticated users to access arbitrary directories via unspecified vectors.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 8.0 | Impact: 2.9

Affected Packages1 packages

NVDhuawei/ar_firmwarev200r006c10

Patches

Patch: www1.huawei.comPatch: www1.huawei.com

🔴Vulnerability Details

2
GHSA
GHSA-m5wh-9wg7-p8j7: Directory traversal vulnerability in the SFTP server in Huawei AR 120, 150, 160, 200, 500, 1200, 2200, 3200, and 3600 routers with software before V202022-05-17
CVEList
CVE-2015-8228: Directory traversal vulnerability in the SFTP server in Huawei AR 120, 150, 160, 200, 500, 1200, 2200, 3200, and 3600 routers with software before V202015-11-24
CVE-2015-8228 (MEDIUM CVSS 4) | Directory traversal vulnerability i | cvebase.io