medium
5.5
CWE
200
Advisory Published
Updated

CVE-2018-7907: Infoleak

First published: Wed Sep 26 2018(Updated: )

Some Huawei products Agassi-L09 AGS-L09C100B257CUSTC100D001, AGS-L09C170B253CUSTC170D001, AGS-L09C199B251CUSTC199D001, AGS-L09C229B003CUSTC229D001, Agassi-W09 AGS-W09C100B257CUSTC100D001, AGS-W09C128B252CUSTC128D001, AGS-W09C170B252CUSTC170D001, AGS-W09C229B251CUSTC229D001, AGS-W09C331B003CUSTC331D001, AGS-W09C794B001CUSTC794D001, Baggio2-U01A BG2-U01C100B160CUSTC100D001, BG2-U01C170B160CUSTC170D001, BG2-U01C199B162CUSTC199D001, BG2-U01C209B160CUSTC209D001, BG2-U01C333B160CUSTC333D001, Bond-AL00C Bond-AL00CC00B201, Bond-AL10B Bond-AL10BC00B201, Bond-TL10B Bond-TL10BC01B201, Bond-TL10C Bond-TL10CC01B131, Haydn-L1JB HDN-L1JC137B068, Kobe-L09A KOB-L09C100B252CUSTC100D001, KOB-L09C209B002CUSTC209D001, KOB-L09C362B001CUSTC362D001, Kobe-L09AHN KOB-L09C233B226, Kobe-W09C KOB-W09C128B251CUSTC128D001, LelandP-L22C 8.0.0.101(C675CUSTC675D2), LelandP-L22D 8.0.0.101(C675CUSTC675D2), Rhone-AL00 Rhone-AL00C00B186, Selina-L02 Selina-L02C432B153, Stanford-L09S Stanford-L09SC432B183, Toronto-AL00 Toronto-AL00C00B223, Toronto-AL00A Toronto-AL00AC00B223, Toronto-TL10 Toronto-TL10C01B223 have a sensitive information leak vulnerability. An attacker can trick a user to install a malicious application to exploit this vulnerability. Due to insufficient verification of the input, successful exploitation can cause sensitive information leak.

Credit: psirt@huawei.com

Affected SoftwareAffected VersionHow to fix
Huawei Agassi-l09 Firmware=ags-l09c100b257custc100d001
Huawei Agassi-l09 Firmware=ags-l09c170b253custc170d001
Huawei Agassi-l09 Firmware=ags-l09c199b251custc199d001
Huawei Agassi-l09 Firmware=ags-l09c229b003custc229d001
Huawei Agassi-l09
Huawei Agassi-w09 Firmware=ags-w09c100b257custc100d001
Huawei Agassi-w09 Firmware=ags-w09c128b252custc128d001
Huawei Agassi-w09 Firmware=ags-w09c170b252custc170d001
Huawei Agassi-w09 Firmware=ags-w09c229b251custc229d001
Huawei Agassi-w09 Firmware=ags-w09c331b003custc331d001
Huawei Agassi-w09 Firmware=ags-w09c794b001custc794d001
Huawei Agassi-w09
Huawei Baggio2-u01a Firmware=bg2-u01c100b160custc100d001
Huawei Baggio2-u01a Firmware=bg2-u01c170b160custc170d001
Huawei Baggio2-u01a Firmware=bg2-u01c199b162custc199d001
Huawei Baggio2-u01a Firmware=bg2-u01c209b160custc209d001
Huawei Baggio2-u01a Firmware=bg2-u01c333b160custc333d001
Huawei Baggio2-u01a
Huawei Bond-al00c Firmware=bond-al00cc00b201
Huawei Bond-al00c
Huawei Bond-al10b Firmware=bond-al10bc00b201
Huawei Bond-al10b
Huawei Bond-tl10b Firmware=bond-tl10bc01b201
Huawei Bond-tl10b
Huawei Bond-tl10c Firmware=bond-tl10cc01b131
Huawei Bond-tl10c
Huawei Haydn-l1jb Firmware=hdn-l1jc137b068
Huawei Haydn-l1jb
Huawei Kobe-l09a Firmware=kob-l09c100b252custc100d001
Huawei Kobe-l09a Firmware=kob-l09c209b002custc209d001
Huawei Kobe-l09a Firmware=kob-l09c362b001custc362d001
Huawei Kobe-l09a
Huawei Kobe-l09ahn Firmware=kob-l09c233b226
Huawei Kobe-l09ahn
Huawei Kobe-w09c Firmware=kob-w09c128b251custc128d001
Huawei Kobe-w09c
Apple iOS=8.0.0.101_c675custc675d2
Apple tvOS
Apple High Sierra=8.0.0.101_c675custc675d2
Google Android
Huawei Rhone-al00 Firmware=rhone-al00c00b186
Huawei Rhone-al00
Huawei Selina-l02 Firmware=selina-l02c432b153
Huawei Selina-l02
Huawei Stanford-l09s Firmware=stanford-l09sc432b183
Huawei Stanford-l09s
Huawei Toronto-al00 Firmware=toronto-al00c00b223
Huawei Toronto-al00
Huawei Toronto-al00a Firmware=toronto-al00ac00b223
Huawei Toronto-al00a
Huawei Toronto-tl10 Firmware=toronto-tl10c01b223
Huawei Toronto-tl10

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203