Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8
CVE-2019-18370
- EPSS 64.01%
- Published 23.10.2019 21:15:10
- Last modified 21.11.2024 04:33:09
An issue was discovered on Xiaomi Mi WiFi R3G devices before 2.28.23-stable. The backup file is in tar.gz format. After uploading, the application uses the tar zxf command to decompress, so one can control the contents of the files in the decompresse...
7.5
CVE-2019-18371
- EPSS 90.63%
- Published 23.10.2019 21:15:10
- Last modified 21.11.2024 04:33:09
An issue was discovered on Xiaomi Mi WiFi R3G devices before 2.28.23-stable. There is a directory traversal vulnerability to read arbitrary files via a misconfigured NGINX alias, as demonstrated by api-third-party/download/extdisks../etc/config/accou...
1