Vulnerabilities > MI

DATE CVE VULNERABILITY TITLE RISK
2020-06-24 CVE-2020-10561 Command Injection vulnerability in MI Mijia Inkjet Printer Firmware
An issue was discovered on Xiaomi Mi Jia ink-jet printer < 3.4.6_0138.
network
low complexity
mi CWE-77
critical
9.8
2020-06-24 CVE-2020-14095 Out-of-bounds Write vulnerability in MI Xiaomi R3600 Firmware
In Xiaomi router R3600, ROM version<1.0.20, a connect service suffers from an injection vulnerability through the web interface, leading to a stack overflow or remote code execution.
network
low complexity
mi CWE-787
critical
9.8
2020-06-24 CVE-2020-14094 Out-of-bounds Write vulnerability in MI Xiaomi R3600 Firmware
In Xiaomi router R3600, ROM version<1.0.20, the connection service can be injected through the web interface, resulting in stack overflow or remote code execution.
network
low complexity
mi CWE-787
critical
9.8
2020-04-08 CVE-2020-10263 Missing Authentication for Critical Function vulnerability in MI Xiaomi Xiaoai Speaker PRO Lx06 Firmware 1.52.4
An issue was discovered on XIAOMI XIAOAI speaker Pro LX06 1.52.4.
low complexity
mi CWE-306
6.8
2020-04-08 CVE-2020-10262 Unspecified vulnerability in MI Xiaomi Xiaoai Speaker PRO Lx06 Firmware 1.58.10
An issue was discovered on XIAOMI XIAOAI speaker Pro LX06 1.58.10.
low complexity
mi
6.8
2020-03-06 CVE-2020-9531 Unspecified vulnerability in MI Miui Firmware 11.0.5.0.Qfaeuxm
An issue was discovered on Xiaomi MIUI V11.0.5.0.QFAEUXM devices.
low complexity
mi
7.3
2020-03-06 CVE-2020-9530 Code Injection vulnerability in MI Miui Firmware 11.0.5.0.Qfaeuxm
An issue was discovered on Xiaomi MIUI V11.0.5.0.QFAEUXM devices.
network
low complexity
mi CWE-94
6.5
2020-03-05 CVE-2020-8994 Improper Authentication vulnerability in MI Mdz-25-Dt Firmware 1.34.36/1.40.14
An issue was discovered on XIAOMI AI speaker MDZ-25-DT 1.34.36, and 1.40.14.
low complexity
mi CWE-287
6.8
2020-02-10 CVE-2019-13322 Improper Input Validation vulnerability in MI Browser
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Xiaomi Browser Prior to 10.4.0.
network
low complexity
mi CWE-20
8.8
2020-02-10 CVE-2019-13321 Incorrect Permission Assignment for Critical Resource vulnerability in MI Browser
This vulnerability allows network adjacent attackers to execute arbitrary code on affected installations of Xiaomi Browser Prior to 10.4.0.
low complexity
mi CWE-732
8.0