RSS   Vulnerabilities for
'Xiaomi miwifi xiaomi 55dd firmware'
   RSS

2018-09-05
 
CVE-2018-16307

CWE-200
 

 
An "Out-of-band resource load" issue was discovered on Xiaomi MIWiFi Xiaomi_55DD Version 2.8.50 devices. It is possible to induce the application to retrieve the contents of an arbitrary external URL and return those contents in its own response. If a domain name (containing a random string) is used in the HTTP Host header, the application performs an HTTP request to the specified domain. The response from that request is then included in the application's own response.

 

 >>> Vendor: MI 28 Products
Xiaomi miwifi xiaomi 55dd firmware
Miwifi os
Redmi 6 firmware
Xiaomi mi-a1 firmware
Mi browser
Mint browser
MIUI
Mi6 browser
Stock browser
Redmi 4a firmware
Redmi 5 plus firmware
Redmi 6a firmware
Redmi 7 firmware
Redmi 7a firmware
Redmi go firmware
Redmi k20 firmware
Redmi k20 pro firmware
Redmi note 4 firmware
Redmi note 5 firmware
Redmi note 5 pro firmware
Redmi note 5a prime firmware
Redmi note 6 pro firmware
Redmi note 7 firmware
Redmi note 7s firmware
Redmi s2 firmware
Redmi y3 firmware
Xiaomi millet firmware
Xiaomi mirror screen


Copyright 2024, cxsecurity.com

 

Back to Top