CVE-2019-18370: OS Command Injection
First published: Wed Oct 23 2019(Updated: )
An issue was discovered on Xiaomi Mi WiFi R3G devices before 2.28.23-stable. The backup file is in tar.gz format. After uploading, the application uses the tar zxf command to decompress, so one can control the contents of the files in the decompressed directory. In addition, the application's sh script for testing upload and download speeds reads a URL list from /tmp/speedtest_urls.xml, and there is a command injection vulnerability, as demonstrated by api/xqnetdetect/netspeed.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Mi Millet Router 3G Firmware | <2.28.23 | |
| Mi Millet Router 3G Firmware |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2019-18370?
CVE-2019-18370 is classified as a high severity vulnerability due to its potential for remote command execution.
How do I fix CVE-2019-18370?
To fix CVE-2019-18370, update your Xiaomi Mi WiFi R3G device firmware to version 2.28.23 or later.
What devices are affected by CVE-2019-18370?
CVE-2019-18370 affects Xiaomi Mi WiFi R3G devices running firmware versions earlier than 2.28.23.
What type of attack can exploit CVE-2019-18370?
CVE-2019-18370 can be exploited through remote command execution by manipulating uploaded backup files.
Is there a known proof of concept for CVE-2019-18370?
Yes, there is a publicly available proof of concept that demonstrates the exploitation of CVE-2019-18370.
- agent/weakness
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/author
- agent/last-modified-date
- agent/references
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/mi
- canonical/mi millet router 3g firmware