VYPR

XiaoAI Speaker Pro LX06

by Xiaomi

CVEs (2)

  • CVE-2020-10263Apr 8, 2020
    risk 0.00cvss epss 0.01

    An issue was discovered on XIAOMI XIAOAI speaker Pro LX06 1.52.4. Attackers can get root shell by accessing the UART interface and then they can (i) read Wi-Fi SSID or password, (ii) read the dialogue text files between users and XIAOMI XIAOAI speaker Pro LX06, (iii) use…

  • CVE-2020-10262Apr 8, 2020
    risk 0.00cvss epss 0.01

    An issue was discovered on XIAOMI XIAOAI speaker Pro LX06 1.58.10. Attackers can activate the failsafe mode during the boot process, and use the mi_console command cascaded by the SN code shown on the product to get the root shell password, and then the attacker can (i) read…