CVE-2017-8136

CWE-200Information Exposure3 documents3 sources
Severity
5.5MEDIUM
EPSS
0.1%
top 74.80%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Huawei Hedex LiteHuawei Technologies Co., Ltd. Hedex Lite
Timeline
PublishedNov 22
Latest updateMay 17

Description

HedEx Earlier than V200R006C00 versions has an arbitrary file download vulnerability. An attacker could exploit it to download arbitrary files on a target device to cause information leak.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:NExploitability: 1.8 | Impact: 3.6

Affected Packages2 packages

NVDhuawei/hedex_lite< v200r006c00
CVEListV5huawei_technologies_co.,_ltd./hedex_liteEarlier than V200R006C00 versions

🔴Vulnerability Details

2
GHSA
GHSA-j8q4-9xv9-4rj2: HedEx Earlier than V200R006C00 versions has an arbitrary file download vulnerability2022-05-17
CVEList
CVE-2017-8136: HedEx Earlier than V200R006C00 versions has an arbitrary file download vulnerability2017-11-22
CVE-2017-8136 (MEDIUM CVSS 5.5) | HedEx Earlier than V200R006C00 vers | cvebase.io