This page lists publicly disclosed CVE vulnerabilities affecting yodinfo mini_mouse (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2021-47851 | Mini Mouse 9.2.0 contains a remote code execution vulnerability that allows attackers to execute arbitrary commands through an unauthenticated HTTP endpoint. Attackers can leverage the /op=command endpoint to download and execute payloads by sending crafted JSON requests with malicious script commands. | [email protected] | 9.3 | 0.90% | 2026-01-21 | 2026-02-02 |
| CVE-2021-47850 | Mini Mouse 9.2.0 contains a path traversal vulnerability that allows remote attackers to access arbitrary system files and directories through crafted HTTP requests. Attackers can retrieve sensitive files like win.ini and list contents of system directories such as C:\Users\Public by manipulating file and path parameters. | [email protected] | 8.7 | 0.30% | 2026-01-21 | 2026-02-02 |
| CVE-2021-47849 | Mini Mouse 9.3.0 contains a path traversal vulnerability that allows attackers to access sensitive system directories through the device information endpoint. Attackers can retrieve file lists from system directories like /usr, /etc, and /var by manipulating file path parameters in API requests. | [email protected] | 8.7 | 0.04% | 2026-01-21 | 2026-02-02 |