VYPR

AX3600

by Xiaomi

CVEs (5)

  • CVE-2020-14110Jan 18, 2022
    risk 0.00cvss epss 0.00

    AX3600 router sensitive information leaked.There is an unauthorized interface through luci to obtain sensitive information and log in to the web background.

  • CVE-2020-14124Sep 16, 2021
    risk 0.00cvss epss 0.02

    There is a buffer overflow in librsa.so called by getwifipwdurl interface, resulting in code execution on Xiaomi router AX3600 with ROM version =rom< 1.1.12.

  • CVE-2020-14119Sep 16, 2021
    risk 0.00cvss epss 0.03

    There is command injection in the addMeshNode interface of xqnetwork.lua, which leads to command execution under administrator authority on Xiaomi router AX3600 with rom versionrom< 1.1.12

  • CVE-2020-14109Sep 16, 2021
    risk 0.00cvss epss 0.02

    There is command injection in the meshd program in the routing system, resulting in command execution under administrator authority on Xiaomi router AX3600 with ROM version =< 1.1.12

  • CVE-2020-14104Apr 8, 2021
    risk 0.00cvss epss 0.01

    A RACE CONDITION on XQBACKUP causes a decompression path error on Xiaomi router AX3600 with ROM version =1.0.50.