CVE-2018-20523

MEDIUM

MI Stock Browser - Command Injection

Description

Xiaomi Stock Browser 10.2.4.g on Xiaomi Redmi Note 5 Pro devices and other Redmi Android phones allows content provider injection. In other words, a third-party application can read the user's cleartext browser history via an app.provider.query content://com.android.browser.searchhistory/searchhistory request.

Exploits (1)

exploitdb WORKING POC
by Vishwaraj Bhattrai · text · local · android
https://www.exploit-db.com/exploits/50188

Scores

CVSS v3 5.3
EPSS 0.0608
EPSS Percentile 90.8%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Details

CWE CWE-77
Status published
Products (19)
mi/redmi_4a_firmware
mi/redmi_5_plus_firmware
mi/redmi_6a_firmware
mi/redmi_6_firmware
mi/redmi_7a_firmware
mi/redmi_7_firmware
mi/redmi_go_firmware
mi/redmi_k20_firmware
mi/redmi_k20_pro_firmware
mi/redmi_note_4_firmware
... and 9 more
Published Jun 07, 2019
Tracked Since Feb 18, 2026