CVE-2023-26321

Name of the Vulnerable Software and Affected Versions Xiaomi File Manager (affected versions not specified)

Description A path traversal vulnerability exists in the Xiaomi File Manager application, caused by unfiltered special characters. This allows attackers to overwrite and execute code in files. The issue can be exploited to manipulate critical files within the app's home directory, enabling arbitrary code execution. It is estimated that the vulnerability affects billions of users.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.