Ax3600 Firmware

ax3600_firmware

Vendor: Mi • 6 CVEs

CVEs (6)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2020-14115 1Mi 1Ax3600 Firmware Nov 21, 2024 Mar 10, 2022 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 A command injection vulnerability exists in the Xiaomi Router AX3600. The vulnerability is caused by a lack of inspection for incoming data detection. Attackers can exploit this vulnerability to execute code.
CVE-2020-14111 1Mi 1Ax3600 Firmware Nov 21, 2024 Mar 10, 2022 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 A command injection vulnerability exists in the Xiaomi Router AX3600. The vulnerability is caused by a lack of inspection for incoming data detection. Attackers can exploit this vulnerability to execute code.
CVE-2020-14110 1Mi 1Ax3600 Firmware Nov 21, 2024 Jan 18, 2022 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 AX3600 router sensitive information leaked.There is an unauthorized interface through luci to obtain sensitive information and log in to the web background.
CVE-2020-14124 1Mi 1Ax3600 Firmware Nov 21, 2024 Sep 16, 2021 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 There is a buffer overflow in librsa.so called by getwifipwdurl interface, resulting in code execution on Xiaomi router AX3600 with ROM version =rom< 1.1.12.
CVE-2020-14109 1Mi 1Ax3600 Firmware Nov 21, 2024 Sep 16, 2021 N/A· v4 7.2 HIGH· v3 9.0 HIGH· v2 There is command injection in the meshd program in the routing system, resulting in command execution under administrator authority on Xiaomi router AX3600 with ROM version =< 1.1.12
CVE-2020-14104 1Mi 1Ax3600 Firmware Nov 21, 2024 Apr 8, 2021 N/A· v4 8.1 HIGH· v3 6.8 MEDIUM· v2 A RACE CONDITION on XQBACKUP causes a decompression path error on Xiaomi router AX3600 with ROM version =1.0.50.