CVE-2017-15310

medium

Published 2017-12-22 · Modified 2026-05-13

CVSS v3

6.5

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

CVSS v2

5.8

VIR risk

6.5

Description

Huawei iReader app before 8.0.2.301 has an arbitrary file deletion vulnerability due to the lack of input validation. An attacker can exploit this vulnerability to delete specific files from the SD card.

Predictions

Exploit likelihood

75%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: psirt@huawei.com — http://www.huawei.com/en/psirt/security-advisories/2017/huawei-sa-20171120-01-hwreader-en

Application impact

Vendor	Product	Versions	Fixed
huawei	ireader	`{"endExcluding":"8.0.2.301"}`	`8.0.2.301`

References

http://www.huawei.com/en/psirt/security-advisories/2017/huawei-sa-20171120-01-hwreader-en
http://www.huawei.com/en/psirt/security-advisories/2017/huawei-sa-20171120-01-hwreader-en

CWEs

CWE-20

Verify integrity in audit chain (admin only). AS-IS.