4 matches found
CVE-2018-16130
System command injection in requestmitv in Xiaomi Mi Router 3 version 2.22.15 allows attackers to execute arbitrary system commands via the "payload" URL parameter...
CVE-2018-16130
Affected product: Xiaomi Mi Router 3, firmware 2.22.15. Vulnerability: system command injection in the /request_mitv endpoint via the payload URL parameter, allowing an attacker to execute arbitrary commands. Root cause: unsanitized “payload” parameter leading to command execution. Impact: high (...
CVE-2018-16130
System command injection in requestmitv in Xiaomi Mi Router 3 version 2.22.15 allows attackers to execute arbitrary system commands via the "payload" URL parameter...
CVE-2018-16130
System command injection in requestmitv in Xiaomi Mi Router 3 version 2.22.15 allows attackers to execute arbitrary system commands via the "payload" URL parameter...