CVE-2026-28538Path Traversal: '../filedir' in Huawei Harmonyos

CWE-24Path Traversal: '../filedir'CWE-22Path Traversal3 documents3 sources
Severity
5.5MEDIUMNVD
CNA5.9
EPSS
0.0%
top 99.70%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Huawei Harmonyos
Timeline
PublishedMar 5

Description

Path traversal vulnerability in the certificate management module. Impact: Successful exploitation of this vulnerability may affect availability.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages2 packages

CVEListV5huawei/harmonyos5.1.0, 6.0.0+1
NVDhuawei/harmonyos5.1.0, 6.0.0+1

🔴Vulnerability Details

2
GHSA
GHSA-x4xj-9mhp-w8jm: Path traversal vulnerability in the certificate management module2026-03-05
CVEList
CVE-2026-28538: Path traversal vulnerability in the certificate management module2026-03-05
CVE-2026-28538 — Path Traversal: '../filedir' in Huawei | cvebase