cvedb.io
CVE-2017-8153
HIGH · CVSS 7.1
EPSS exploitation probability: 0%
Published 2017-11-22T19:29:03.477 · Last modified 2026-06-17T01:25:52.413

Summary

Huawei VMall (for Android) with the versions before 1.5.8.5 have a privilege elevation vulnerability due to improper design. An attacker can trick users into installing a malicious app which can send out HTTP requests and execute JavaScript code in web pages without obtaining the Internet access permission. Successful exploit could lead to resource occupation or information leak.

Affected products

huawei — vmall

Does this affect you?

Add your gear to cvedb and we'll alert you only when huawei ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.