Lucene search
PRIOn knowledge basePRION:CVE-2019-18371HistoryOct 23, 2019 - 9:15 p.m.
Directory traversal
2019-10-2321:15:00
PRIOn knowledge base
www.prio-n.com
5
An issue was discovered on Xiaomi Mi WiFi R3G devices before 2.28.23-stable. There is a directory traversal vulnerability to read arbitrary files via a misconfigured NGINX alias, as demonstrated by api-third-party/download/extdisks…/etc/config/account. With this vulnerability, the attacker can bypass authentication.
| CPE | Name | Operator | Version |
|---|---|---|---|
| millet_router_3g_firmware | lt | 2.28.23 |
Related
cve
cve
CVE-2019-18371
2019-10-23 21:15:10
cvelist
cvelist
CVE-2019-18371
2019-10-23 20:02:12
nuclei
nuclei
Xiaomi Mi WiFi R3G Routers - Local file Inclusion
2022-05-18 11:13:32
nvd
nvd
CVE-2019-18371
2019-10-23 21:15:10
openvas
openvas
Generic HTTP Directory Traversal (Web Dirs) - Active Check
2021-07-22 00:00:00