Описание
A path traversal vulnerability exists in the Xiaomi File Manager application product(international version). The vulnerability is caused by unfiltered special characters and can be exploited by attackers to overwrite and execute code in the file.
Ссылки
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:mi:file_manager:1-210567:*:*:*:*:*:*:*
EPSS
Процентиль: 65%
0.00493
Низкий
6.3 Medium
CVSS3
9.8 Critical
CVSS3
Дефекты
CWE-22
CWE-22
Связанные уязвимости
CVSS3: 6.3
github
больше 1 года назад
A path traversal vulnerability exists in the Xiaomi File Manager application product(international version). The vulnerability is caused by unfiltered special characters and can be exploited by attackers to overwrite and execute code in the file.
EPSS
Процентиль: 65%
0.00493
Низкий
6.3 Medium
CVSS3
9.8 Critical
CVSS3
Дефекты
CWE-22
CWE-22