Vulnerability Details CVE-2020-14124
There is a buffer overflow in librsa.so called by getwifipwdurl interface, resulting in code execution on Xiaomi router AX3600 with ROM version =rom< 1.1.12.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.007
EPSS Ranking 70.6%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
Products affected by CVE-2020-14124
-
cpe:2.3:h:mi:ax3600:-
-
cpe:2.3:o:mi:ax3600_firmware:-
-
cpe:2.3:o:mi:ax3600_firmware:1.0.50
-
cpe:2.3:o:mi:ax3600_firmware:1.0.67
-
cpe:2.3:o:mi:ax3600_firmware:1.1.12