CVE-2021-37104

Name of the Vulnerable Software and Affected Versions HUAWEI P40 version 10.1.0.118(C00E116R3P3)

Description The issue is due to insufficient validation of parameters while dealing with some messages, leading to a server-side request forgery vulnerability. A successful exploit could allow the attacker to gain access to certain resources that they are not supposed to access.

Recommendations For HUAWEI P40 version 10.1.0.118(C00E116R3P3), consider restricting access to sensitive resources until a patch is available. As a temporary workaround, ensure that all parameters are thoroughly validated to prevent unauthorized access. At the moment, there is no information about a newer version that contains a fix for this vulnerability.