CVE-2017-17161

The 'Find Phone' function in some Huawei smart phones with software earlier than Duke-L09C10B186 versions, earlier than Duke-L09C432B187 versions, earlier than Duke-L09C636B186 versions has an authentication bypass vulnerability. Due to improper authentication realization in the 'Find Phone' function. An attacker may exploit the vulnerability to bypass the 'Find Phone' function in order to use the phone normally.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:huawei:duke-l09_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:huawei:duke-l09:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:huawei:duke-l09_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:huawei:duke-l09:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:huawei:duke-l09_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:huawei:duke-l09:-:*:*:*:*:*:*:*

Information

Published : 2018-02-15 08:29

Updated : 2019-10-02 17:03


NVD link : CVE-2017-17161

Mitre link : CVE-2017-17161


JSON object : View

CWE
CWE-287

Improper Authentication

Advertisement

dedicated server usa

Products Affected

huawei

  • duke-l09_firmware
  • duke-l09