Vulnerabilities > MI > High

DATE CVE VULNERABILITY TITLE RISK
2024-09-23 CVE-2024-45348 Command Injection vulnerability in MI Ax9000 Firmware
Xiaomi Router AX9000 has a post-authorization command injection vulnerability.
network
low complexity
mi CWE-77
8.8
2024-08-26 CVE-2023-26315 Command Injection vulnerability in MI Ax9000 Firmware
The Xiaomi router AX9000 has a post-authentication command injection vulnerability.
network
low complexity
mi CWE-77
8.8
2023-10-11 CVE-2023-26318 Classic Buffer Overflow vulnerability in MI Xiaomi Router Ax3200 Firmware
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in Xiaomi Xiaomi Router allows Overflow Buffers.
network
low complexity
mi CWE-120
7.2
2023-10-11 CVE-2023-26319 Command Injection vulnerability in MI Xiaomi Router Ax3200 Firmware
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in Xiaomi Xiaomi Router allows Command Injection.
network
low complexity
mi CWE-77
7.2
2023-10-11 CVE-2023-26320 Command Injection vulnerability in MI Xiaomi Router Ax3200 Firmware
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in Xiaomi Xiaomi Router allows Command Injection.
network
high complexity
mi CWE-77
8.1
2023-03-29 CVE-2020-14140 Missing Authentication for Critical Function vulnerability in MI Xiaomi Router Firmware
When Xiaomi router firmware is updated in 2020, there is an unauthenticated API that can reveal WIFI password vulnerability.
network
low complexity
mi CWE-306
7.5
2022-07-22 CVE-2020-14114 Unspecified vulnerability in MI Smarthome
information leakage vulnerability exists in the Xiaomi SmartHome APP.
network
low complexity
mi
7.5
2022-07-22 CVE-2020-14126 Unspecified vulnerability in MI Sound
Information leakage vulnerability exists in the Mi Sound APP.
network
low complexity
mi
7.5
2022-07-14 CVE-2020-14127 Out-of-bounds Write vulnerability in MI Miui
A denial of service vulnerability exists in some Xiaomi models of phones.
network
low complexity
mi CWE-787
7.5
2022-06-16 CVE-2022-31277 Authentication Bypass by Capture-replay vulnerability in MI Xiaomi Lamp 1 Firmware 2.0.40066
Xiaomi Lamp 1 v2.0.4_0066 was discovered to be vulnerable to replay attacks.
low complexity
mi CWE-294
8.8