Insecure Software Package Download and Installation Vulnerability in Huawei HiSuite 4.0.5.300_OVE
CVE-2016-8273 · MEDIUM Severity
AV:L/AC:M/AU:N/C:C/I:C/A:C
Huawei PC client software HiSuite 4.0.5.300_OVE uses insecure HTTP for upgrade software package download and does not check the integrity of the software package before installing; an attacker can launch an MITM attack to interrupt or replace the downloaded software package and further compromise the PC.
Learn more about our Web Application Penetration Testing UK.