Vulnerabilities > MI

DATE CVE VULNERABILITY TITLE RISK
2024-09-23 CVE-2024-45348 Command Injection vulnerability in MI Ax9000 Firmware
Xiaomi Router AX9000 has a post-authorization command injection vulnerability.
network
low complexity
mi CWE-77
8.8
2024-08-28 CVE-2023-26321 Path Traversal vulnerability in MI File Manager 1210567
A path traversal vulnerability exists in the Xiaomi File Manager application product(international version).
network
low complexity
mi CWE-22
critical
9.8
2024-08-28 CVE-2023-26322 Unspecified vulnerability in MI Getapps
A code execution vulnerability exists in the XiaomiGetApps application product.
network
low complexity
mi
critical
9.8
2024-08-28 CVE-2023-26323 Unspecified vulnerability in MI APP Market
A code execution vulnerability exists in the Xiaomi App market product.
network
low complexity
mi
critical
9.8
2024-08-28 CVE-2023-26324 Unspecified vulnerability in MI Getapps
A code execution vulnerability exists in the XiaomiGetApps application product.
network
low complexity
mi
critical
9.8
2024-08-26 CVE-2023-26315 Command Injection vulnerability in MI Ax9000 Firmware
The Xiaomi router AX9000 has a post-authentication command injection vulnerability.
network
low complexity
mi CWE-77
8.8
2023-10-11 CVE-2023-26318 Classic Buffer Overflow vulnerability in MI Xiaomi Router Ax3200 Firmware
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in Xiaomi Xiaomi Router allows Overflow Buffers.
network
low complexity
mi CWE-120
7.2
2023-10-11 CVE-2023-26319 Command Injection vulnerability in MI Xiaomi Router Ax3200 Firmware
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in Xiaomi Xiaomi Router allows Command Injection.
network
low complexity
mi CWE-77
7.2
2023-10-11 CVE-2023-26320 Command Injection vulnerability in MI Xiaomi Router Ax3200 Firmware
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in Xiaomi Xiaomi Router allows Command Injection.
network
high complexity
mi CWE-77
8.1
2023-08-02 CVE-2023-26316 Cross-site Scripting vulnerability in MI Xiaomi Cloud 1.12.0.0.21/1.12.0.0.25
A XSS vulnerability exists in the Xiaomi cloud service Application product.
network
low complexity
mi CWE-79
6.1