Vulnerabilities > MI > Ax3600 Firmware > Critical

DATE CVE VULNERABILITY TITLE RISK
2022-03-10 CVE-2020-14115 Insufficient Verification of Data Authenticity vulnerability in MI Ax3600 Firmware 1.0.50
A command injection vulnerability exists in the Xiaomi Router AX3600.
network
low complexity
mi CWE-345
critical
9.8
2021-09-16 CVE-2020-14124 Classic Buffer Overflow vulnerability in MI Ax3600 Firmware 1.0.50/1.0.67/1.1.12
There is a buffer overflow in librsa.so called by getwifipwdurl interface, resulting in code execution on Xiaomi router AX3600 with ROM version =rom< 1.1.12.
network
low complexity
mi CWE-120
critical
9.8