1. Home
  2. CVE Database
  3. CVE-2017-17223
HIGH · 8.8

CVE-2017-17223

Huawei eSpace 7910 V200R003C30; eSpace 7950 V200R003C30; eSpace 8950 V200R003C00; V200R003C30 have a directory traversal vulnerability. An authenticated, remote attacker can craft specific URL to the ...

Vulnerability Description

Huawei eSpace 7910 V200R003C30; eSpace 7950 V200R003C30; eSpace 8950 V200R003C00; V200R003C30 have a directory traversal vulnerability. An authenticated, remote attacker can craft specific URL to the affected products. Due to insufficient verification of the URL, successful exploit will upload and download files and cause information leak and system crash.

CVSS Score

8.8

HIGH

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
HIGH
Availability
HIGH

Affected Products

VendorProductVersions
HuaweiEspace 7910 Firmwarev200r003c30
HuaweiEspace 7910-
HuaweiEspace 7950 Firmwarev200r003c30
HuaweiEspace 7950-
HuaweiEspace 8950 Firmwarev200r003c00
HuaweiEspace 8950-

Related Weaknesses (CWE)

CWE-22

References

FAQ

What is CVE-2017-17223?

CVE-2017-17223 is a vulnerability with a CVSS score of 8.8 (HIGH). Huawei eSpace 7910 V200R003C30; eSpace 7950 V200R003C30; eSpace 8950 V200R003C00; V200R003C30 have a directory traversal vulnerability. An authenticated, remote attacker can craft specific URL to the ...

How severe is CVE-2017-17223?

CVE-2017-17223 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2017-17223?

Check the references section above for vendor advisories and patch information. Affected products include: Huawei Espace 7910 Firmware, Huawei Espace 7910, Huawei Espace 7950 Firmware, Huawei Espace 7950, Huawei Espace 8950 Firmware.