CVE-2021-47850

Mini Mouse 9.2.0 - Path Traversal

CVSS 8.7 HIGHEPSS 1.2%CWE-22

Mini Mouse 9.2.0 contains a path traversal vulnerability that allows remote attackers to access arbitrary system files and directories through crafted HTTP requests. Attackers can retrieve sensitive files like win.ini and list contents of system directories such as C:\Users\Public by manipulating file and path parameters.

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Productos afectados

Yodinfo · Mini Mouse

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://apps.apple.com/us/app/mini-mouse-remote-control/id914250948 https://www.exploit-db.com/exploits/49744 https://www.vulncheck.com/advisories/mini-mouse-path-traversal