Vulnerabilities > MI > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-01-13 | CVE-2020-14102 | Command Injection vulnerability in MI Ax1800 Firmware and Rm1800 Firmware There is command injection when ddns processes the hostname, which causes the administrator user to obtain the root privilege of the router. | 7.2 |
2021-01-13 | CVE-2020-14101 | Unspecified vulnerability in MI Ax1800 Firmware and Rm1800 Firmware The data collection SDK of the router web management interface caused the leakage of the token. | 7.5 |
2021-01-13 | CVE-2020-14098 | Improper Synchronization vulnerability in MI Ax1800 Firmware and Rm1800 Firmware The login verification can be bypassed by using the problem that the time is not synchronized after the router restarts. | 7.5 |
2021-01-13 | CVE-2020-14097 | Unspecified vulnerability in MI Redmi AX6 Firmware Wrong nginx configuration, causing specific paths to be downloaded without authorization. | 7.5 |
2020-06-24 | CVE-2020-11961 | Missing Authentication for Critical Function vulnerability in MI Xiaomi R3600 Firmware Xiaomi router R3600 ROM before 1.0.50 is affected by a sensitive information leakage caused by an insecure interface get_config_result without authentication | 7.5 |
2020-06-24 | CVE-2020-11959 | Unspecified vulnerability in MI Xiaomi R3600 Firmware An unsafe configuration of nginx lead to information leak in Xiaomi router R3600 ROM before 1.0.50. | 7.5 |
2020-03-06 | CVE-2020-9531 | Unspecified vulnerability in MI Miui Firmware 11.0.5.0.Qfaeuxm An issue was discovered on Xiaomi MIUI V11.0.5.0.QFAEUXM devices. low complexity mi | 7.3 |
2020-02-10 | CVE-2019-13322 | Improper Input Validation vulnerability in MI Browser This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Xiaomi Browser Prior to 10.4.0. | 8.8 |
2020-02-10 | CVE-2019-13321 | Incorrect Permission Assignment for Critical Resource vulnerability in MI Browser This vulnerability allows network adjacent attackers to execute arbitrary code on affected installations of Xiaomi Browser Prior to 10.4.0. | 8.0 |
2019-12-20 | CVE-2019-15915 | Improper Input Validation vulnerability in MI products An issue was discovered on Xiaomi DGNWG03LM, ZNCZ03LM, MCCGQ01LM, RTCGQ01LM devices. | 7.5 |