Vulnerabilities > MI > Rm1800 Firmware
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-04-08 | CVE-2020-14099 | Use of Hard-coded Credentials vulnerability in MI Ax1800 Firmware and Rm1800 Firmware On Xiaomi router AX1800 rom version < 1.0.336 and RM1800 root version < 1.0.26, the encryption scheme for a user's backup files uses hard-coded keys, which can expose sensitive information such as a user's password. | 7.5 |
| 2021-01-13 | CVE-2020-14102 | Command Injection vulnerability in MI Ax1800 Firmware and Rm1800 Firmware There is command injection when ddns processes the hostname, which causes the administrator user to obtain the root privilege of the router. | 7.2 |
| 2021-01-13 | CVE-2020-14101 | Unspecified vulnerability in MI Ax1800 Firmware and Rm1800 Firmware The data collection SDK of the router web management interface caused the leakage of the token. | 7.5 |
| 2021-01-13 | CVE-2020-14098 | Improper Synchronization vulnerability in MI Ax1800 Firmware and Rm1800 Firmware The login verification can be bypassed by using the problem that the time is not synchronized after the router restarts. | 7.5 |