CVE-2017-15309

Huawei iReader app before 8.0.2.301 has a path traversal vulnerability due to insufficient validation on file storage paths. An attacker can exploit this vulnerability to store downloaded malicious files in an arbitrary directory. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt