AX3600
by Xiaomi
CVEs (5)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-14110 | 0.00 | — | 0.00 | Jan 18, 2022 | AX3600 router sensitive information leaked.There is an unauthorized interface through luci to obtain sensitive information and log in to the web background. | |||
| CVE-2020-14124 | 0.00 | — | 0.02 | Sep 16, 2021 | There is a buffer overflow in librsa.so called by getwifipwdurl interface, resulting in code execution on Xiaomi router AX3600 with ROM version =rom< 1.1.12. | |||
| CVE-2020-14119 | 0.00 | — | 0.03 | Sep 16, 2021 | There is command injection in the addMeshNode interface of xqnetwork.lua, which leads to command execution under administrator authority on Xiaomi router AX3600 with rom versionrom< 1.1.12 | |||
| CVE-2020-14109 | 0.00 | — | 0.02 | Sep 16, 2021 | There is command injection in the meshd program in the routing system, resulting in command execution under administrator authority on Xiaomi router AX3600 with ROM version =< 1.1.12 | |||
| CVE-2020-14104 | 0.00 | — | 0.01 | Apr 8, 2021 | A RACE CONDITION on XQBACKUP causes a decompression path error on Xiaomi router AX3600 with ROM version =1.0.50. |
- CVE-2020-14110Jan 18, 2022risk 0.00cvss —epss 0.00
AX3600 router sensitive information leaked.There is an unauthorized interface through luci to obtain sensitive information and log in to the web background.
- CVE-2020-14124Sep 16, 2021risk 0.00cvss —epss 0.02
There is a buffer overflow in librsa.so called by getwifipwdurl interface, resulting in code execution on Xiaomi router AX3600 with ROM version =rom< 1.1.12.
- CVE-2020-14119Sep 16, 2021risk 0.00cvss —epss 0.03
There is command injection in the addMeshNode interface of xqnetwork.lua, which leads to command execution under administrator authority on Xiaomi router AX3600 with rom versionrom< 1.1.12
- CVE-2020-14109Sep 16, 2021risk 0.00cvss —epss 0.02
There is command injection in the meshd program in the routing system, resulting in command execution under administrator authority on Xiaomi router AX3600 with ROM version =< 1.1.12
- CVE-2020-14104Apr 8, 2021risk 0.00cvss —epss 0.01
A RACE CONDITION on XQBACKUP causes a decompression path error on Xiaomi router AX3600 with ROM version =1.0.50.