Vulnerabilities > MI > Ax3600 Firmware
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-03-10 | CVE-2020-14111 | Insufficient Verification of Data Authenticity vulnerability in MI Ax3600 Firmware 1.0.50/1.0.67/1.1.12 A command injection vulnerability exists in the Xiaomi Router AX3600. | 7.8 |
2022-03-10 | CVE-2020-14115 | Insufficient Verification of Data Authenticity vulnerability in MI Ax3600 Firmware 1.0.50 A command injection vulnerability exists in the Xiaomi Router AX3600. | 9.8 |
2022-01-18 | CVE-2020-14110 | Incorrect Authorization vulnerability in MI Ax3600 Firmware 1.0.50 AX3600 router sensitive information leaked.There is an unauthorized interface through luci to obtain sensitive information and log in to the web background. | 7.8 |
2021-09-16 | CVE-2020-14124 | Classic Buffer Overflow vulnerability in MI Ax3600 Firmware 1.0.50/1.0.67/1.1.12 There is a buffer overflow in librsa.so called by getwifipwdurl interface, resulting in code execution on Xiaomi router AX3600 with ROM version =rom< 1.1.12. | 9.8 |
2021-09-16 | CVE-2020-14109 | Command Injection vulnerability in MI Ax3600 Firmware 1.0.50/1.0.67/1.1.12 There is command injection in the meshd program in the routing system, resulting in command execution under administrator authority on Xiaomi router AX3600 with ROM version =< 1.1.12 | 7.2 |
2021-04-08 | CVE-2020-14104 | Race Condition vulnerability in MI Ax3600 Firmware 1.0.50 A RACE CONDITION on XQBACKUP causes a decompression path error on Xiaomi router AX3600 with ROM version =1.0.50. | 8.1 |