Vulnerabilities > MI > Ax3600 Firmware > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-03-10 | CVE-2020-14111 | Insufficient Verification of Data Authenticity vulnerability in MI Ax3600 Firmware 1.0.50/1.0.67/1.1.12 A command injection vulnerability exists in the Xiaomi Router AX3600. | 7.8 |
| 2022-01-18 | CVE-2020-14110 | Incorrect Authorization vulnerability in MI Ax3600 Firmware 1.0.50 AX3600 router sensitive information leaked.There is an unauthorized interface through luci to obtain sensitive information and log in to the web background. | 7.8 |
| 2021-09-16 | CVE-2020-14109 | Command Injection vulnerability in MI Ax3600 Firmware 1.0.50/1.0.67/1.1.12 There is command injection in the meshd program in the routing system, resulting in command execution under administrator authority on Xiaomi router AX3600 with ROM version =< 1.1.12 | 7.2 |
| 2021-04-08 | CVE-2020-14104 | Race Condition vulnerability in MI Ax3600 Firmware 1.0.50 A RACE CONDITION on XQBACKUP causes a decompression path error on Xiaomi router AX3600 with ROM version =1.0.50. | 8.1 |