CVE-2021-37124
MEDIUMHuawei PC Smart Full Scene and PCManager - Path Traversal via Special Character Bypass
Title source: llmDescription
There is a path traversal vulnerability in Huawei PC product. Because the product does not filter path with special characters,attackers can construct a file path with special characters to exploit this vulnerability. Successful exploitation could allow the attacker to transport a file to certain path.Affected product versions include:PC Smart Full Scene 11.1 versions PCManager 11.1.1.97.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_misc
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20211008-01-share-en
Scores
CVSS v3
6.5
EPSS
0.0004
EPSS Percentile
13.9%
Attack Vector
ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Details
CWE
CWE-22
Status
published
Products (2)
huawei/pc_smart_full_scene
11.1
huawei/pcmanager
11.1.1.97
Published
Oct 27, 2021
Tracked Since
Feb 18, 2026