Details of VAR-201810-1607

ID

VAR-201810-1607

TITLE

Code execution vulnerability in multiple versions of Xiaomi router

Trust: 0.6

sources: CNVD: CNVD-2018-21075

DESCRIPTION

Xiaomi router is a router. There is a code execution vulnerability in the Xiaomi router. An attacker could use the vulnerability to execute arbitrary code.

Trust: 0.6

sources: CNVD: CNVD-2018-21075

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2018-21075

AFFECTED PRODUCTS

vendor:

xiaomi

model:

technology co. ltd.xiaomi router r1d

scope:

version:

Trust: 0.6

sources: CNVD: CNVD-2018-21075

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD:	CNVD-2018-21075
value:	MEDIUM
Trust: 0.6

CNVD:	CNVD-2018-21075
severity:	MEDIUM
baseScore:	6.5
vectorString:	AV:A/AC:H/AU:S/C:C/I:C/A:C
accessVector:	ADJACENT_NETWORK
accessComplexity:	HIGH
authentication:	SINGLE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	2.5
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

sources: CNVD: CNVD-2018-21075

PATCH

title:

Xiaomi router R1D has code execution vulnerability

url:

https://www.cnvd.org.cn/patchinfo/show/141475

Trust: 0.6

sources: CNVD: CNVD-2018-21075

EXTERNAL IDS

db:

CNVD

id:

CNVD-2018-21075

Trust: 0.6

sources: CNVD: CNVD-2018-21075

SOURCES

db:

CNVD

id:

CNVD-2018-21075

LAST UPDATE DATE

2022-05-04T09:22:40.280000+00:00

SOURCES UPDATE DATE

db:

CNVD

id:

CNVD-2018-21075

date:

2018-11-23T00:00:00

SOURCES RELEASE DATE

db:

CNVD

id:

CNVD-2018-21075

date:

2018-10-15T00:00:00