Mi: >> Ax3600 Firmware Security Vulnerabilities
A command injection vulnerability exists in the Xiaomi Router AX3600. The vulnerability is caused by a lack of inspection for incoming data detection. Attackers can exploit this vulnerability to execute code.
CVSS Score
7.8
EPSS Score
0.0
Published
2022-03-10
A command injection vulnerability exists in the Xiaomi Router AX3600. The vulnerability is caused by a lack of inspection for incoming data detection. Attackers can exploit this vulnerability to execute code.
CVSS Score
9.8
EPSS Score
0.007
Published
2022-03-10
AX3600 router sensitive information leaked.There is an unauthorized interface through luci to obtain sensitive information and log in to the web background.
CVSS Score
7.8
EPSS Score
0.0
Published
2022-01-18
There is a buffer overflow in librsa.so called by getwifipwdurl interface, resulting in code execution on Xiaomi router AX3600 with ROM version =rom< 1.1.12.
CVSS Score
9.8
EPSS Score
0.007
Published
2021-09-16
There is command injection in the meshd program in the routing system, resulting in command execution under administrator authority on Xiaomi router AX3600 with ROM version =< 1.1.12
CVSS Score
7.2
EPSS Score
0.01
Published
2021-09-16
A RACE CONDITION on XQBACKUP causes a decompression path error on Xiaomi router AX3600 with ROM version =1.0.50.
CVSS Score
8.1
EPSS Score
0.004
Published
2021-04-08