Sign-up

ID

VAR-202111-1856


TITLE

Xiaomi Mi WiFi has an arbitrary file reading vulnerability

Trust: 0.6

sources: CNVD: CNVD-2021-72099

DESCRIPTION

Xiaomi Technology Co., Ltd. was established on March 3, 2010. It is a global mobile Internet company focusing on the research and development of smart hardware and electronic products. It is also an innovation focusing on the construction of high-end smart phones, Internet TVs and smart home ecological chains. Type technology enterprise. Xiaomi Mi WiFi has arbitrary file reading vulnerabilities. Attackers can use this vulnerability to obtain sensitive information.

Trust: 0.6

sources: CNVD: CNVD-2021-72099

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2021-72099

AFFECTED PRODUCTS

vendor:xiaomi mimodel:wifi <r3g 2.28.23-stablescope: - version: -

Trust: 0.6

sources: CNVD: CNVD-2021-72099

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD: CNVD-2021-72099
value: MEDIUM

Trust: 0.6

CNVD: CNVD-2021-72099
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

sources: CNVD: CNVD-2021-72099

PATCH

title:Patch for Xiaomi Mi WiFi has an arbitrary file reading vulnerabilityurl:https://www.cnvd.org.cn/patchinfo/show/292081

Trust: 0.6

sources: CNVD: CNVD-2021-72099

EXTERNAL IDS

db:CNVDid:CNVD-2021-72099

Trust: 0.6

sources: CNVD: CNVD-2021-72099

SOURCES

db:CNVDid:CNVD-2021-72099

LAST UPDATE DATE

2022-05-04T08:51:52.952000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2021-72099date:2021-10-26T00:00:00

SOURCES RELEASE DATE

db:CNVDid:CNVD-2021-72099date:2021-11-04T00:00:00