There is a path traversal vulnerability in Huawei FusionCube 6.0.2.The vulnerability is due to that the software uses external input to construct a pathname that is intended to identify a directory that is located underneath a restricted parent directory, but the software does not properly validate the pathname. Successful exploit could allow the attacker to access a location that is outside of the restricted directory by a crafted filename.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: huawei
Published: 2021-10-27T00:33:28
Updated: 2024-08-04T01:16:02.790Z
Reserved: 2021-07-20T00:00:00
Link: CVE-2021-37130
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2021-10-27T01:15:07.810
Modified: 2021-10-28T18:55:15.650
Link: CVE-2021-37130
Redhat
No data.