CVE-2020-11960

Xiaomi router R3600 ROM before 1.0.50 is affected by a vulnerability when checking backup file in c_upload interface let attacker able to extract malicious file under any location in /tmp, lead to possible RCE and DoS > MITRE Terms of Use apply – see LICENSE‑MITRE.txt