Mi - Ax3600 CVE

Filtered by vendor Mi Subscribe

Filtered by product Ax3600

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2020-14124	1 Mi	2 Ax3600, Ax3600 Firmware	2021-09-27	7.5 HIGH	9.8 CRITICAL
There is a buffer overflow in librsa.so called by getwifipwdurl interface, resulting in code execution on Xiaomi router AX3600 with ROM version =rom< 1.1.12.
CVE-2020-14119	1 Mi	1 Ax3600	2021-09-27	10.0 HIGH	9.8 CRITICAL
There is command injection in the addMeshNode interface of xqnetwork.lua, which leads to command execution under administrator authority on Xiaomi router AX3600 with rom versionrom< 1.1.12

Vulnerabilities (CVE)