Mi Router 3
by Xiaomi
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-13023 | 0.02 | — | 0.24 | Nov 27, 2018 | System command injection vulnerability in wifi_access in Xiaomi Mi Router 3 version 2.22.15 allows attackers to execute system commands via the "timeout" URL parameter. | |||
| CVE-2018-16130 | 0.02 | — | 0.24 | Nov 27, 2018 | System command injection in request_mitv in Xiaomi Mi Router 3 version 2.22.15 allows attackers to execute arbitrary system commands via the "payload" URL parameter. | |||
| CVE-2018-13022 | 0.00 | — | 0.01 | Nov 27, 2018 | Cross-site scripting vulnerability in the API 404 page on Xiaomi Mi Router 3 version 2.22.15 allows attackers to execute arbitrary JavaScript via a modified URL path. |
- CVE-2018-13023Nov 27, 2018risk 0.02cvss —epss 0.24
System command injection vulnerability in wifi_access in Xiaomi Mi Router 3 version 2.22.15 allows attackers to execute system commands via the "timeout" URL parameter.
- CVE-2018-16130Nov 27, 2018risk 0.02cvss —epss 0.24
System command injection in request_mitv in Xiaomi Mi Router 3 version 2.22.15 allows attackers to execute arbitrary system commands via the "payload" URL parameter.
- CVE-2018-13022Nov 27, 2018risk 0.00cvss —epss 0.01
Cross-site scripting vulnerability in the API 404 page on Xiaomi Mi Router 3 version 2.22.15 allows attackers to execute arbitrary JavaScript via a modified URL path.