Vulnerability Details CVE-2018-16130
System command injection in request_mitv in Xiaomi Mi Router 3 version 2.22.15 allows attackers to execute arbitrary system commands via the "payload" URL parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.204
EPSS Ranking 95.3%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 9.0
References
Products affected by CVE-2018-16130
-
cpe:2.3:h:mi:mi_router_3:-
-
cpe:2.3:o:mi:miwifi_os:2.22.15