Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2017-8154

EPSS 0.06% · P17
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2017-8154

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
The Themes App Honor 8 Lite Huawei mobile phones with software of versions before Prague-L31C576B172, versions before Prague-L31C530B160, versions before Prague-L31C432B180 has a man-in-the-middle (MITM) vulnerability due to the use of the insecure HTTP protocol for theme download. An attacker may exploit this vulnerability to tamper with downloaded themes.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Huawei Honor 8青春版Themes App 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Huawei Honor 8青春版是中国华为(Huawei)公司的一款智能手机产品。Themes APP是运行在其中的一款华为手机主题应用程序。 Huawei Honor 8青春版中的Themes App存在安全漏洞,该漏洞源于程序使用不安全的http协议下载某些主题包。攻击者可利用该漏洞实施中间人攻击,恶意修改下载的主题。以下版本受到影响:Huawei Honor 8青春版Prague-L31C576B172之前版本,Prague-L31C530B160之前版本,Prague-L31C432B180之前
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
Huawei Technologies Co., Ltd.Honor 8 Lite The versions before Prague-L31C576B172, The versions before Prague-L31C530B160, The versions before Prague-L31C432B180 -

II. Public POCs for CVE-2017-8154

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2017-8154

Please Login to view more intelligence information

Same Patch Batch · Huawei Technologies Co., Ltd. · 2018-04-11 · 4 CVEs total

CVE-2017-15327Huawei S12700、S7700和S9700 安全漏洞
CVE-2017-17308多款Huawei产品SCCPX模块安全漏洞
CVE-2018-7930Huawei Mate 9 MHA-L29B Near Field Communication组件信息泄露漏洞

IV. Related Vulnerabilities

Same vendor: Huawei Technologies Co., Ltd.

V. Comments for CVE-2017-8154

No comments yet

Leave a comment