CVE-2019-18370 PoC — Xiaomi Mi WiFi R3G 输入验证错误漏洞

Source

https://github.com/Threekiii/Awesome-POC/blob/master/%E7%BD%91%E7%BB%9C%E8%AE%BE%E5%A4%87%E6%BC%8F%E6%B4%9E/%E5%B0%8F%E7%B1%B3%20%E8%B7%AF%E7%94%B1%E5%99%A8%20c_upload%20%E8%BF%9C%E7%A8%8B%E5%91%BD%E4%BB%A4%E6%89%A7%E8%A1%8C%E6%BC%8F%E6%B4%9E%20CVE-2019-18370.md

Associated Vulnerability

Title:Xiaomi Mi WiFi R3G 输入验证错误漏洞 (CVE-2019-18370)
Description:Xiaomi Mi WiFi R3G是中国小米科技（Xiaomi）公司的一款3G路由器。 Xiaomi Mi WiFi R3G 2.28.23-stable之前版本中存在输入验证错误漏洞。该漏洞源于网络系统或产品未对输入的数据进行正确的验证。

File Snapshot


 # 小米 路由器 c_upload 远程命令执行漏洞 CVE-2019-18370

## 漏洞描述

小米路由器存在接口，备份文件是tar.gz格式的，上传后tar zxf解压，所以构造备份文件，可

...

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2019-18370 PoC — Xiaomi Mi WiFi R3G 输入验证错误漏洞

Source

Associated Vulnerability

File Snapshot

Remarks