CVE-2018-14010

Published: 2018-07-15T03:29Z

Last Modified: 2024-11-21T03:48Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

OS command injection in the guest Wi-Fi settings feature in /cgi-bin/luci on Xiaomi R3P before 2.14.5, R3C before 2.12.15, R3 before 2.22.15, and R3D before 2.26.4 devices allows an attacker to execute any command via crafted JSON data. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt