Vulnerabilities > MI > High

DATE CVE VULNERABILITY TITLE RISK
2022-06-08 CVE-2020-14125 Out-of-bounds Write vulnerability in MI Miui 12.5/12.5.2/2020.01.15
A denial of service vulnerability exists in some Xiaomi models of phones.
network
low complexity
mi CWE-787
7.5
2022-04-22 CVE-2020-14123 Double Free vulnerability in MI Miui 12.5.2
There is a pointer double free vulnerability in Some MIUI Services.
network
low complexity
mi CWE-415
7.5
2022-04-21 CVE-2020-14116 Insufficient Verification of Data Authenticity vulnerability in MI Browser
An intent redirection vulnerability in the Mi Browser product.
network
low complexity
mi CWE-345
7.5
2022-04-21 CVE-2020-14120 Improper Validation of Integrity Check Value vulnerability in MI Miui 12.5
Some Xiaomi models have a vulnerability in a certain application.
network
low complexity
mi CWE-354
8.8
2022-03-10 CVE-2020-14111 Insufficient Verification of Data Authenticity vulnerability in MI Ax3600 Firmware 1.0.50/1.0.67/1.1.12
A command injection vulnerability exists in the Xiaomi Router AX3600.
local
low complexity
mi CWE-345
7.8
2022-01-18 CVE-2020-14107 Out-of-bounds Write vulnerability in MI Xiaomi Mirror Screen
A stack overflow in the HTTP server of Cast can be exploited to make the app crash in LAN.
network
low complexity
mi CWE-787
7.5
2022-01-18 CVE-2020-14110 Incorrect Authorization vulnerability in MI Ax3600 Firmware 1.0.50
AX3600 router sensitive information leaked.There is an unauthorized interface through luci to obtain sensitive information and log in to the web background.
local
low complexity
mi CWE-863
7.8
2021-09-16 CVE-2020-14109 Command Injection vulnerability in MI Ax3600 Firmware 1.0.50/1.0.67/1.1.12
There is command injection in the meshd program in the routing system, resulting in command execution under administrator authority on Xiaomi router AX3600 with ROM version =< 1.1.12
network
low complexity
mi CWE-77
7.2
2021-04-08 CVE-2020-14104 Race Condition vulnerability in MI Ax3600 Firmware 1.0.50
A RACE CONDITION on XQBACKUP causes a decompression path error on Xiaomi router AX3600 with ROM version =1.0.50.
network
high complexity
mi CWE-362
8.1
2021-04-08 CVE-2020-14099 Use of Hard-coded Credentials vulnerability in MI Ax1800 Firmware and Rm1800 Firmware
On Xiaomi router AX1800 rom version < 1.0.336 and RM1800 root version < 1.0.26, the encryption scheme for a user's backup files uses hard-coded keys, which can expose sensitive information such as a user's password.
network
low complexity
mi CWE-798
7.5