Path Traversal Vulnerability in Huawei FusionCube 6.0.2

Path Traversal Vulnerability in Huawei FusionCube 6.0.2

CVE-2021-37130 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

There is a path traversal vulnerability in Huawei FusionCube 6.0.2.The vulnerability is due to that the software uses external input to construct a pathname that is intended to identify a directory that is located underneath a restricted parent directory, but the software does not properly validate the pathname. Successful exploit could allow the attacker to access a location that is outside of the restricted directory by a crafted filename.

Learn more about our External Network Penetration Testing.