Ax3600 Firmware Security Vulnerabilities and Issues — Ax3600 Firmware CVE List

cve

CVE-2020-14111

A command injection vulnerability exists in the Xiaomi Router AX3600. The vulnerability is caused by a lack of inspection for incoming data detection. Attackers can exploit this vulnerability to execute...

7.8CVSS

7.8AI Score

0.0004EPSS

2022-03-10 05:41 PM

38

cve

CVE-2020-14115

A command injection vulnerability exists in the Xiaomi Router AX3600. The vulnerability is caused by a lack of inspection for incoming data detection. Attackers can exploit this vulnerability to execute...

9.8CVSS

9.6AI Score

0.002EPSS

2022-03-10 05:41 PM

26

cve

CVE-2020-14110

AX3600 router sensitive information leaked.There is an unauthorized interface through luci to obtain sensitive information and log in to the web...

7.8CVSS

7.3AI Score

0.0004EPSS

2022-01-18 05:15 PM

19

cve

CVE-2020-14124

There is a buffer overflow in librsa.so called by getwifipwdurl interface, resulting in code execution on Xiaomi router AX3600 with ROM version =rom<...

9.8CVSS

9.9AI Score

0.004EPSS

2021-09-16 01:15 PM

17

cve

CVE-2020-14109

There is command injection in the meshd program in the routing system, resulting in command execution under administrator authority on Xiaomi router AX3600 with ROM version =<...

7.2CVSS

7.3AI Score

0.001EPSS

2021-09-16 12:15 PM

18

cve

CVE-2020-14104

A RACE CONDITION on XQBACKUP causes a decompression path error on Xiaomi router AX3600 with ROM version...

8.1CVSS

8AI Score

0.002EPSS

2021-04-08 06:15 PM

38