Code Execution Vulnerability in Xiaomi Shop Application
CVE-2024-45354

4.3MEDIUM

Key Information:

Vendor
Xiaomi
Status
Xiaomi Shop Application
Vendor
CVE Published:
27 March 2025

Summary

A critical vulnerability in the Xiaomi Shop Application arises from improper input validation, enabling attackers to execute unauthorized code. This issue exposes users to potential exploitation, making it essential for stakeholders to prioritize updates and security measures to safeguard their systems.

Affected Version(s)

Xiaomi shop application Xiaomi shop application 5.30.0.20241103.r1

References

https://trust.mi.com/zh-CN/misrc/bulletins/advisory?cveId...

CVSS V3.1

Score:
4.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2024-45354 : Code Execution Vulnerability in Xiaomi Shop Application | SecurityVulnerability.io