cvedb.io
CVE-2021-37130
HIGH · CVSS 7.5
EPSS exploitation probability: 0%
Published 2021-10-27T01:15:07.810 · Last modified 2026-06-17T04:00:06.607

Summary

There is a path traversal vulnerability in Huawei FusionCube 6.0.2.The vulnerability is due to that the software uses external input to construct a pathname that is intended to identify a directory that is located underneath a restricted parent directory, but the software does not properly validate the pathname. Successful exploit could allow the attacker to access a location that is outside of the restricted directory by a crafted filename.

Affected products

huawei — fusioncube_firmware

Does this affect you?

Add your gear to cvedb and we'll alert you only when huawei ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.