High severity7.5NVD Advisory· Published Sep 5, 2018· Updated Jun 17, 2026
CVE-2018-16307
CVE-2018-16307
Description
An "Out-of-band resource load" issue was discovered on Xiaomi MIWiFi Xiaomi_55DD Version 2.8.50 devices. It is possible to induce the application to retrieve the contents of an arbitrary external URL and return those contents in its own response. If a domain name (containing a random string) is used in the HTTP Host header, the application performs an HTTP request to the specified domain. The response from that request is then included in the application's own response.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: =2.8.50
Patches
Vulnerability mechanics
References
1- packetstormsecurity.com/files/149196/MIWiFi-Xiaomi_55DD-2.8.50-Out-Of-Band-Resource-Load.htmlnvdExploitThird Party AdvisoryVDB Entry
News mentions
0No linked articles in our index yet.