CVE-2021-22440

Published: Jul 13, 2021Modified: Nov 21, 2024

4.6

Vector

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Exploitability: 0.9 / Impact: 3.6

Source: NVD

Description

There is a path traversal vulnerability in some Huawei products. The vulnerability is due to that the software uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the software does not properly validate the pathname. Successful exploit could allow the attacker to access a location that is outside of the restricted directory by a crafted filename. Affected product versions include:HUAWEI Mate 20 9.0.0.195(C01E195R2P1), 9.1.0.139(C00E133R3P1);HUAWEI Mate 20 Pro 9.0.0.187(C432E10R1P16), 9.0.0.188(C185E10R2P1), 9.0.0.245(C10E10R2P1), 9.0.0.266(C432E10R1P16), 9.0.0.267(C636E10R2P1), 9.0.0.268(C635E12R1P16), 9.0.0.278(C185E10R2P1); Hima-L29C 9.0.0.105(C10E9R1P16), 9.0.0.105(C185E9R1P16), 9.0.0.105(C636E9R1P16); Laya-AL00EP 9.1.0.139(C786E133R3P1); OxfordS-AN00A 10.1.0.223(C00E210R5P1); Tony-AL00B 9.1.0.257(C00E222R2P1).

Affected (15)

Products: Huawei: Mate 20 Firmware, Mate 20 Pro Firmware, Hima L29c Firmware, Laya Al00ep Firmware, Oxfords An00a Firmware, Tony Al00b Firmware

6 products

Oxfords An00a Firmware

Tony Al00b Firmware

Configuration A

2 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Huawei Mate 20 Firmware	Version 9.0.0.195(c01e195r2p1)
Huawei Mate 20 Firmware	Version 9.1.0.139(c00e133r3p1)

Running on/with	Platform Versions
Huawei Mate 20	All versions

Configuration B

7 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Huawei Mate 20 Pro Firmware	Version 9.0.0.187(c432e10r1p16)
Huawei Mate 20 Pro Firmware	Version 9.0.0.188(c185e10r2p1)
Huawei Mate 20 Pro Firmware	Version 9.0.0.245(c10e10r2p1)
Huawei Mate 20 Pro Firmware	Version 9.0.0.266(c432e10r1p16)
Huawei Mate 20 Pro Firmware	Version 9.0.0.267(c636e10r2p1)
Huawei Mate 20 Pro Firmware	Version 9.0.0.268(c635e12r1p16)
Huawei Mate 20 Pro Firmware	Version 9.0.0.278(c185e10r2p1)

Running on/with	Platform Versions
Huawei Mate 20 Pro	All versions

Configuration C

3 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Huawei Hima L29c Firmware	Version 9.0.0.105(c10e9r1p16)
Huawei Hima L29c Firmware	Version 9.0.0.105(c185e9r1p16)
Huawei Hima L29c Firmware	Version 9.0.0.105(c636e9r1p16)

Running on/with	Platform Versions
Huawei Hima L29c	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Huawei Laya Al00ep Firmware	Version 9.1.0.139(c786e133r3p1)

Running on/with	Platform Versions
Huawei Laya Al00ep	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Huawei Oxfords An00a Firmware	Version 10.1.0.223(c00e210r5p1)

Running on/with	Platform Versions
Huawei Oxfords An00a	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Huawei Tony Al00b Firmware	Version 9.1.0.257(c00e222r2p1)

Running on/with	Platform Versions
Huawei Tony Al00b	All versions

Related CWEs

CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

References (2)

https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210630-01-pathtraversal-en

Source: psirt@huawei.com

Vendor Advisory

https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210630-01-pathtraversal-en

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.