Skip to main content

Miwifi Os

3 CVEs product

Monthly

CVE-2018-16130 HIGH POC THREAT This Week

System command injection in request_mitv in Xiaomi Mi Router 3 version 2.22.15 allows attackers to execute arbitrary system commands via the "payload" URL parameter. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Miwifi Os
NVD
CVSS 3.0
8.8
EPSS
24.0%
CVE-2018-13023 HIGH POC THREAT This Week

System command injection vulnerability in wifi_access in Xiaomi Mi Router 3 version 2.22.15 allows attackers to execute system commands via the "timeout" URL parameter. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Miwifi Os
NVD
CVSS 3.0
8.8
EPSS
24.0%
CVE-2018-13022 MEDIUM POC This Month

Cross-site scripting vulnerability in the API 404 page on Xiaomi Mi Router 3 version 2.22.15 allows attackers to execute arbitrary JavaScript via a modified URL path. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Miwifi Os
NVD
CVSS 3.0
6.1
EPSS
0.7%
EPSS 24% CVSS 8.8
HIGH POC THREAT This Week

System command injection in request_mitv in Xiaomi Mi Router 3 version 2.22.15 allows attackers to execute arbitrary system commands via the "payload" URL parameter. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Miwifi Os
NVD
EPSS 24% CVSS 8.8
HIGH POC THREAT This Week

System command injection vulnerability in wifi_access in Xiaomi Mi Router 3 version 2.22.15 allows attackers to execute system commands via the "timeout" URL parameter. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Miwifi Os
NVD
EPSS 1% CVSS 6.1
MEDIUM POC This Month

Cross-site scripting vulnerability in the API 404 page on Xiaomi Mi Router 3 version 2.22.15 allows attackers to execute arbitrary JavaScript via a modified URL path. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Miwifi Os
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy