POC-EXP 漏洞 备注 Drupal Drupalgeddon 2 远程代码执行漏洞(CVE-2018-7600) 复现分析 小米系列路由器漏洞(CVE-2019-18371/CVE-2019-18370) 漏洞报告
An issue exists on Xiaomi Mi WiFi R3G devices prior to 2.28.23-stable. There is a directory traversal vulnerability to read arbitrary files via a misconfigured NGINX alias, as demonstrated by api-third-party/download/extdisks../etc/config/account. With this vulnerability, the attacker can bypass authentication.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mi millet_router_3g_firmware |