Vulnerabilities > MI

DATE CVE VULNERABILITY TITLE RISK
2022-04-22 CVE-2020-14123 Double Free vulnerability in MI Miui 12.5.2
There is a pointer double free vulnerability in Some MIUI Services.
network
low complexity
mi CWE-415
5.0
2022-04-21 CVE-2020-14116 Insufficient Verification of Data Authenticity vulnerability in MI Browser
An intent redirection vulnerability in the Mi Browser product.
network
low complexity
mi CWE-345
5.0
2022-04-21 CVE-2020-14117 Incorrect Default Permissions vulnerability in MI Content Center
A improper permission configuration vulnerability in Xiaomi Content Center APP.
network
low complexity
mi CWE-276
5.0
2022-04-21 CVE-2020-14118 Open Redirect vulnerability in MI APP Store
An intent redirection vulnerability in the Mi App Store product.
network
mi CWE-601
5.8
2022-04-21 CVE-2020-14120 Improper Validation of Integrity Check Value vulnerability in MI Miui 12.5
Some Xiaomi models have a vulnerability in a certain application.
network
mi CWE-354
6.8
2022-04-21 CVE-2020-14121 Improper Authentication vulnerability in MI APP Store 4.12.2
A business logic vulnerability exists in Mi App Store.
local
low complexity
mi CWE-287
2.1
2022-04-21 CVE-2020-14122 Insufficient Verification of Data Authenticity vulnerability in MI Miui 12.5.2
Some Xiaomi phones have information leakage vulnerabilities, and some of them may be able to forge a specific identity due to the lack of parameter verification, resulting in user information leakage.
local
low complexity
mi CWE-345
2.1
2022-03-10 CVE-2020-14111 Insufficient Verification of Data Authenticity vulnerability in MI Ax3600 Firmware 1.0.50/1.1.12
A command injection vulnerability exists in the Xiaomi Router AX3600.
local
low complexity
mi CWE-345
7.2
2022-03-10 CVE-2020-14112 Information Exposure vulnerability in MI Ax6000 Firmware
Information Leak Vulnerability exists in the Xiaomi Router AX6000.
network
low complexity
mi CWE-200
5.0
2022-03-10 CVE-2020-14115 Insufficient Verification of Data Authenticity vulnerability in MI Ax3600 Firmware 1.0.50
A command injection vulnerability exists in the Xiaomi Router AX3600.
network
low complexity
mi CWE-345
critical
10.0