Vulnerabilities > MI > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-02 | CVE-2023-26316 | Cross-site Scripting vulnerability in MI Xiaomi Cloud 1.12.0.0.21/1.12.0.0.25 A XSS vulnerability exists in the Xiaomi cloud service Application product. | 6.1 |
| 2022-04-21 | CVE-2020-14117 | Unspecified vulnerability in MI Content Center A improper permission configuration vulnerability in Xiaomi Content Center APP. | 5.3 |
| 2022-04-21 | CVE-2020-14118 | Open Redirect vulnerability in MI APP Store An intent redirection vulnerability in the Mi App Store product. | 6.1 |
| 2022-04-21 | CVE-2020-14121 | Incorrect Authorization vulnerability in MI APP Store 4.12.2 A business logic vulnerability exists in Mi App Store. | 5.5 |
| 2022-04-21 | CVE-2020-14122 | Insufficient Verification of Data Authenticity vulnerability in MI Miui 12.5.2 Some Xiaomi phones have information leakage vulnerabilities, and some of them may be able to forge a specific identity due to the lack of parameter verification, resulting in user information leakage. | 5.5 |
| 2022-03-10 | CVE-2020-14112 | Information Exposure vulnerability in MI Ax6000 Firmware Information Leak Vulnerability exists in the Xiaomi Router AX6000. | 5.3 |
| 2021-09-16 | CVE-2020-14130 | Exposure of Resource to Wrong Sphere vulnerability in MI Xiaomi Some js interfaces in the Xiaomi community were exposed, causing sensitive functions to be maliciously called on Xiaomi community app Affected Version <3.0.210809 | 5.3 |
| 2021-09-07 | CVE-2021-31610 | The Bluetooth Classic implementation on AB32VG1 devices does not properly handle the reception of continuous unsolicited LMP responses, allowing attackers in radio range to trigger a denial of service (either restart or deadlock the device) by flooding a device with LMP_AU_rand data. | 6.5 |
| 2021-04-20 | CVE-2020-14105 | Unspecified vulnerability in MI Miui 12.5/12.5.2 The application in the mobile phone can read the SNO information of the device, Xiaomi 10 MIUI < 2020.01.15. | 5.5 |
| 2021-04-08 | CVE-2020-14106 | Incorrect Authorization vulnerability in MI Miui 12.5/12.5.2/2020.01.15 The application in the mobile phone can unauthorized access to the list of running processes in the mobile phone, Xiaomi Mobile Phone MIUI < 2021.01.26. | 5.5 |