Xiaomi File Manager App Vulnerable to Path Traversal Attacks
CVE-2023-26321
9.8CRITICAL
Key Information
- Vendor
- Xiaomi
- Status
- Xiaomi File Manager App International Version
- Vendor
- CVE Published:
- 28 August 2024
Summary
A path traversal vulnerability exists in the Xiaomi File Manager application product(international version). The vulnerability is caused by unfiltered special characters and can be exploited by attackers to overwrite and execute code in the file.
Affected Version(s)
Xiaomi File Manager App International Version <= Xiaomi File Manager App International Version
CVSS V3.1
Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published.
Vulnerability Reserved.
Collectors
NVD DatabaseMitre Database