Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Huawei PC client software HiSuite 4.0.5.300_OVE uses insecure HTTP for upgrade software package download and does not check the integrity of the software package before installing; an attacker can launch an MITM attack to interrupt or replace the downloaded software package and further compromise the PC.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
华为HiSuite 输入验证漏洞
Vulnerability Description
华为HiSuite是中国华为(Huawei)公司的一套用于PC端的手机助手软件。 华为HiSuite 4.0.5.300_OVE版本中存在安全漏洞,该漏洞源于程序使用了未加密的HTTP方式下载升级软件包,并在安装前没有对软件包做完整性校验。攻击者可利用该漏洞实施中间人攻击,中断或替换下载的软件包。
CVSS Information
N/A
Vulnerability Type
N/A