Vulnerabilities > MI > Ax3600 Firmware > 1.1.12

DATE CVE VULNERABILITY TITLE RISK
2022-03-10 CVE-2020-14111 Insufficient Verification of Data Authenticity vulnerability in MI Ax3600 Firmware 1.0.50/1.1.12
A command injection vulnerability exists in the Xiaomi Router AX3600.
local
low complexity
mi CWE-345
7.2
7.2
2021-09-16 CVE-2020-14124 Classic Buffer Overflow vulnerability in MI Ax3600 Firmware 1.0.50/1.1.12
There is a buffer overflow in librsa.so called by getwifipwdurl interface, resulting in code execution on Xiaomi router AX3600 with ROM version =rom< 1.1.12.
network
low complexity
mi CWE-120
7.5
7.5
2021-09-16 CVE-2020-14109 Command Injection vulnerability in MI Ax3600 Firmware 1.0.50/1.1.12
There is command injection in the meshd program in the routing system, resulting in command execution under administrator authority on Xiaomi router AX3600 with ROM version =< 1.1.12
network
low complexity
mi CWE-77
critical
 9.0
9.0