Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Ax3600_firmware
(Mi)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 6 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2022-03-10 | CVE-2020-14111 | A command injection vulnerability exists in the Xiaomi Router AX3600. The vulnerability is caused by a lack of inspection for incoming data detection. Attackers can exploit this vulnerability to execute code. | Ax3600_firmware | 7.8 | ||
| 2022-03-10 | CVE-2020-14115 | A command injection vulnerability exists in the Xiaomi Router AX3600. The vulnerability is caused by a lack of inspection for incoming data detection. Attackers can exploit this vulnerability to execute code. | Ax3600_firmware | 9.8 | ||
| 2022-01-18 | CVE-2020-14110 | AX3600 router sensitive information leaked.There is an unauthorized interface through luci to obtain sensitive information and log in to the web background. | Ax3600_firmware | 7.8 | ||
| 2021-09-16 | CVE-2020-14109 | There is command injection in the meshd program in the routing system, resulting in command execution under administrator authority on Xiaomi router AX3600 with ROM version =< 1.1.12 | Ax3600_firmware | 7.2 | ||
| 2021-09-16 | CVE-2020-14124 | There is a buffer overflow in librsa.so called by getwifipwdurl interface, resulting in code execution on Xiaomi router AX3600 with ROM version =rom< 1.1.12. | Ax3600_firmware | 9.8 | ||
| 2021-04-08 | CVE-2020-14104 | A RACE CONDITION on XQBACKUP causes a decompression path error on Xiaomi router AX3600 with ROM version =1.0.50. | Ax3600_firmware | 8.1 |