3 matches found
CVE-2018-16307
The CVE-2018-16307 entry applies to Xiaomi MIWiFi Xiaomi_55DD Version 2.8.50. The vulnerability is an Out-of-band resource load in the router’s web interface: if an attacker sends a request with a Host header containing a domain, the device fetches that external URL and returns the fetched conten...
Xiaomi MIWiFi Xiaomi_55DD 2.8.50 Out-Of-Band Resource Load Vulnerability
An out-of-band resource load issue was discovered on Xiaomi MIWiFi Xiaomi55DD version 2.8.50 devices. It is possible to induce the application to retrieve the contents of an arbitrary external URL and return those contents in its own response. If a domain name containing a random string is used i...
MIWiFi Xiaomi_55DD 2.8.50 Out-Of-Band Resource Load
CVE: CVE-2018-16307 Issue: Out-of-band resource load Product affected: MIWiFi Xiaomi55DD Version 2.8.50 Summary: An "Out-of-band resource load" issue was discovered on Xiaomi MIWiFi Xiaomi55DD Version 2.8.50 devices. It is possible to induce the application to retrieve the contents of an arbitrar...