CVE-2017-17223

Name of the Vulnerable Software and Affected Versions: Huawei eSpace 7910 version V200R003C30 Huawei eSpace 7950 version V200R003C30 Huawei eSpace 8950 versions V200R003C00 through V200R003C30

Description: The issue allows an authenticated, remote attacker to exploit a directory traversal vulnerability by crafting a specific URL to the affected products. Due to insufficient verification of the URL, a successful exploit can lead to the upload and download of files, causing information leaks and system crashes.

Recommendations: For Huawei eSpace 7910 version V200R003C30, update to a version that addresses the directory traversal vulnerability. For Huawei eSpace 7950 version V200R003C30, update to a version that addresses the directory traversal vulnerability. For Huawei eSpace 8950 versions V200R003C00 through V200R003C30, update to a version that addresses the directory traversal vulnerability.