Lucene search
K

4 matches found

Packet Storm
Packet Storm
added 2019/04/11 12:0 a.m.49 views

Xiaomi Mi Browser / Mint Browser URL Spoofing

Exploit Title: URL Spoofing Exploit for Xiaomi Mi Browser v10.5.6-g and Mint Browser v1.5.3 Date : 11/04/2019 Exploit Author: Arif Khan @payloadartist Vendor Homepage: www.xiaomi.com Version : v10.5.6-g and v1.5.3 Tested On : MIUI OS, v10.1.3.0 CVE : CVE-2019-10875 Exploit:...

4.3CVSS6.6AI score0.02229EPSS
Exploits2
Circl
Circl
added 2019/04/05 12:55 p.m.9 views

CVE-2019-10875

creationtimestamp| type| source ---|---|--- 2019-04-05 12:55:24+00:00| seen| https://t.me/thehackernews/253 2019-04-05 14:31:20+00:00| seen| https://t.me/SecLabNews/4658 2019-04-05 18:13:06+00:00| published-proof-of-concept| https://t.me/itsecnews/30 2019-04-09 21:10:18+00:00| seen|...

6.5CVSS6.8AI score0.02229EPSS
Exploits2References6
CVE
CVE
added 2019/04/05 12:36 p.m.57 views

CVE-2019-10875

CVE-2019-10875 is a URL-spoofing vulnerability in Xiaomi Mi Browser (international) 10.5.6-g and Mint Browser 1.5.3 caused by how the q parameter is handled: the portion of the https URL before ?q= is not displayed, enabling spoofing of the address bar. Several public sources document a PoC and p...

6.5CVSS6.3AI score0.02229EPSS
Exploits2References4Affected Software2
The Hacker News
The Hacker News
added 2019/04/05 10:44 a.m.118 views

Unpatched Flaw in Xiaomi's Built-in Browser App Lets Hackers Spoof URLs

EXCLUSIVE — Beware, if you are using a Xiaomi's Mi or Redmi smartphone, you should immediately update its built-in MI browser or the Mint browser available on Google Play Store for non-Xiaomi Android devices. That's because both web browser apps created by Xiaomi are vulnerable to a critical...

6.5CVSS0.3AI score0.02229EPSS
Exploits2
Rows per page
Query Builder