Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
OS command injection in the guest Wi-Fi settings feature in /cgi-bin/luci on Xiaomi R3P before 2.14.5, R3C before 2.12.15, R3 before 2.22.15, and R3D before 2.26.4 devices allows an attacker to execute any command via crafted JSON data.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
多款Xiaomi产品操作系统命令注入漏洞
Vulnerability Description
Xiaomi R3P等都是中国小米公司的无线路由器产品。 多款Xiaomi产品上的/cgi-bin/luci中的访客Wi-Fi设置功能存在操作系统命令注入漏洞。攻击者可借助特制的JSON数据利用该漏洞执行任意命令。以下产品和版本受到影响:Xiaomi R3P 2.14.5之前版本;R3C 2.12.15之前版本;R3 2.22.15之前版本;R3D 2.26.4之前版本。
CVSS Information
N/A
Vulnerability Type
N/A