CVE-2020-14111
- EPSS 0.04%
- Published 10.03.2022 17:41:16
- Last modified 21.11.2024 05:02:40
A command injection vulnerability exists in the Xiaomi Router AX3600. The vulnerability is caused by a lack of inspection for incoming data detection. Attackers can exploit this vulnerability to execute code.
- EPSS 0.74%
- Published 10.03.2022 17:41:16
- Last modified 21.11.2024 05:02:41
A command injection vulnerability exists in the Xiaomi Router AX3600. The vulnerability is caused by a lack of inspection for incoming data detection. Attackers can exploit this vulnerability to execute code.
CVE-2020-14110
- EPSS 0.05%
- Published 18.01.2022 17:15:08
- Last modified 21.11.2024 05:02:40
AX3600 router sensitive information leaked.There is an unauthorized interface through luci to obtain sensitive information and log in to the web background.
CVE-2020-14124
- EPSS 0.68%
- Published 16.09.2021 13:15:14
- Last modified 21.11.2024 05:02:42
There is a buffer overflow in librsa.so called by getwifipwdurl interface, resulting in code execution on Xiaomi router AX3600 with ROM version =rom< 1.1.12.
- EPSS 0.96%
- Published 16.09.2021 12:15:07
- Last modified 21.11.2024 05:02:40
There is command injection in the meshd program in the routing system, resulting in command execution under administrator authority on Xiaomi router AX3600 with ROM version =< 1.1.12
CVE-2020-14104
- EPSS 0.39%
- Published 08.04.2021 18:15:13
- Last modified 21.11.2024 05:02:39
A RACE CONDITION on XQBACKUP causes a decompression path error on Xiaomi router AX3600 with ROM version =1.0.50.