Vulnerabilities > CVE-2020-11960 - Unspecified vulnerability in MI Xiaomi R3600 Firmware

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
mi

Summary

Xiaomi router R3600 ROM before 1.0.50 is affected by a vulnerability when checking backup file in c_upload interface let attacker able to extract malicious file under any location in /tmp, lead to possible RCE and DoS

Vulnerable Configurations

Part Description Count
OS
Mi
1
Hardware
Mi
1