Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2017-17306

EPSS 0.08% · P23
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2017-17306

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Some Huawei Smartphones with software of VNS-L21AUTC555B141, VNS-L21C10B160, VNS-L21C66B160, VNS-L21C703B140 have an array out-of-bounds read vulnerability. Due to the lack verification of array, an attacker tricks a user into installing a malicious application, and the application can exploit the vulnerability and make attacker to read out of bounds of array and possibly cause the device abnormal.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Huawei VNS-L21 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Huawei VNS-L21是中国华为(Huawei)公司的一款智能手机产品。 Huawei VNS-L21中存在安全漏洞,该漏洞源于程序缺少对数组的验证。攻击者可通过诱使用户安装恶意的应用程序利用该漏洞造成设备异常(数组越边界读取)。以下版本受到影响:Huawei VNS-L21 VNS-L21AUTC555B141版本,VNS-L21C10B160版本,VNS-L21C66B160版本,VNS-L21C703B140版本。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
Huawei Technologies Co., Ltd.VNS-L21 VNS-L21AUTC555B141, VNS-L21C10B160, VNS-L21C66B160, VNS-L21C703B140 -

II. Public POCs for CVE-2017-17306

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2017-17306

登录查看更多情报信息。

Same Patch Batch · Huawei Technologies Co., Ltd. · 2018-03-20 · 7 CVEs total

CVE-2017-17215Huawei HG532 安全漏洞
CVE-2017-17307Huawei VNS-L21 缓冲区错误漏洞
CVE-2017-17319Huawei P9 信息泄露漏洞
CVE-2017-17320Huawei Mate 9 Pro 安全漏洞
CVE-2017-8176Huawei IPTV STB 安全漏洞
CVE-2017-8187Huawei FusionSphere OpenStack 权限许可和访问控制问题漏洞

IV. Related Vulnerabilities

Same product: VNS-L21
Same vendor: Huawei Technologies Co., Ltd.

V. Comments for CVE-2017-17306

No comments yet

Leave a comment