Описание
A malicious file upload vulnerability was discovered in Xiaomi Millet mobile phones 1-6.3.9.3. A particular condition involving a man-in-the-middle attack may lead to partial data leakage or malicious file writing.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:o:mi:xiaomi_millet_firmware:1-6.3.9.3:*:*:*:*:*:*:*
EPSS
Процентиль: 50%
0.00266
Низкий
7.4 High
CVSS3
5.8 Medium
CVSS2
Дефекты
CWE-434
Связанные уязвимости
github
больше 3 лет назад
A malicious file upload vulnerability was discovered in Xiaomi Millet mobile phones 1-6.3.9.3. A man-in-the-middle attacker could write files or read privileged data.
EPSS
Процентиль: 50%
0.00266
Низкий
7.4 High
CVSS3
5.8 Medium
CVSS2
Дефекты
CWE-434