Vulnerabilities > MI > Ax3600 Firmware > High

DATE CVE VULNERABILITY TITLE RISK
2022-03-10 CVE-2020-14111 Insufficient Verification of Data Authenticity vulnerability in MI Ax3600 Firmware 1.0.50/1.1.12
A command injection vulnerability exists in the Xiaomi Router AX3600.
local
low complexity
mi CWE-345
7.2
2021-09-16 CVE-2020-14124 Classic Buffer Overflow vulnerability in MI Ax3600 Firmware 1.0.50/1.1.12
There is a buffer overflow in librsa.so called by getwifipwdurl interface, resulting in code execution on Xiaomi router AX3600 with ROM version =rom< 1.1.12.
network
low complexity
mi CWE-120
7.5