CVE-2024-45352

The repository provides a functional proof-of-concept for CVE-2024-45352, demonstrating unauthenticated remote code execution in Xiaomi Smarthome via a crafted API request. The PoC leverages improper input handling in the internal API parser to execute arbitrary commands.

The repository contains only a minimal README with a CVE title and no technical details, exploit code, or analysis. It appears to be a placeholder without substantive content.

The repository contains a functional Proof of Concept (PoC) for CVE-2024-45352, demonstrating how a malicious app can exploit Xiaomi's default browser by passing unvalidated intents via `startActivity` to open arbitrary URLs. The PoC includes Java code to launch the browser with a malicious URL, highlighting the lack of intent validation.