CVE-2023-27346
- EPSS 1.6%
- Published 03.05.2024 02:15:12
- Last modified 06.08.2025 14:23:12
TP-Link AX1800 Firmware Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link AX1800 routers. Authentication is not...
CVE-2020-14099
- EPSS 0.15%
- Published 08.04.2021 18:15:13
- Last modified 21.11.2024 05:02:38
On Xiaomi router AX1800 rom version < 1.0.336 and RM1800 root version < 1.0.26, the encryption scheme for a user's backup files uses hard-coded keys, which can expose sensitive information such as a user's password.
CVE-2020-14098
- EPSS 0.24%
- Published 13.01.2021 23:15:13
- Last modified 21.11.2024 05:02:38
The login verification can be bypassed by using the problem that the time is not synchronized after the router restarts. This affects Xiaomi router AX1800rom version < 1.0.336 and Xiaomi route RM1800 root version < 1.0.26.
CVE-2020-14101
- EPSS 0.32%
- Published 13.01.2021 23:15:13
- Last modified 21.11.2024 05:02:38
The data collection SDK of the router web management interface caused the leakage of the token. This affects Xiaomi router AX1800rom version < 1.0.336 and Xiaomi route RM1800 root version < 1.0.26.
- EPSS 2.4%
- Published 13.01.2021 23:15:13
- Last modified 21.11.2024 05:02:39
There is command injection when ddns processes the hostname, which causes the administrator user to obtain the root privilege of the router. This affects Xiaomi router AX1800rom version < 1.0.336 and Xiaomi route RM1800 root version < 1.0.26.