Xiaomi Mi Router 3 Command Injection Vulnerability (CNVD-2018-24496)
Xiaomi Mi Router 3 is a wireless router product from Chinese company Xiaomi. A system command injection vulnerability exists in the wifiaccess endpoint in Xiaomi Mi Router 3 version 2.22.15. The vulnerability can be exploited to execute system commands with the 'timeout' URL parameter...