CVE-2018-7922

Name of the Vulnerable Software and Affected Versions: Huawei ALP-L09 versions prior to 8.0.0.150(C432)

Description: The issue is due to insufficient input validation resulting from a lack of parameter checks. An attacker can trick a user with root privileges into installing a crafted application, which may then modify specific data to exploit this issue. Successful exploitation could allow the attacker to execute arbitrary code.

Recommendations: For versions prior to 8.0.0.150(C432), update to version 8.0.0.150(C432) or later to resolve the issue. As a temporary workaround, consider restricting the installation of applications from untrusted sources to minimize the risk of exploitation.