cvedb.io
CVE-2017-2706
HIGH · CVSS 7.1
EPSS exploitation probability: 0%
Published 2017-11-22T19:29:00.803 · Last modified 2026-06-17T01:16:42.680

Summary

Mate 9 smartphones with software MHA-AL00AC00B125 have a directory traversal vulnerability in Push module. Since the system does not verify the file name during decompression, system directories are traversed. It could be exploited to cause the attacker to replace files and impact the service.

Affected products

huawei — mate_9_firmware

Does this affect you?

Add your gear to cvedb and we'll alert you only when huawei ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.