6 matches found
CVE-2020-10262
An issue was discovered on XIAOMI XIAOAI speaker Pro LX06 1.58.10. Attackers can activate the failsafe mode during the boot process, and use the miconsole command cascaded by the SN code shown on the product to get the root shell password, and then the attacker can i read Wi-Fi SSID or password, ...
CVE-2020-10263
An issue was discovered on XIAOMI XIAOAI speaker Pro LX06 1.52.4. Attackers can get root shell by accessing the UART interface and then they can i read Wi-Fi SSID or password, ii read the dialogue text files between users and XIAOMI XIAOAI speaker Pro LX06, iii use Text-To-Speech tools pretend...
CVE-2020-10262
The CVE-2020-10262 entry affects Xiaomi Xiao AI Speaker Pro LX06 (firmware 1.58.10). The described vulnerability lets an attacker activate failsafe mode during boot, use the mi_console command (cascaded by the SN code) to obtain the root shell password, and then potentially: read Wi‑Fi SSID/passw...
Microsoft Edge Chakra JIT SetConcatStrMultiItemBE Type Confusion
Microsoft Edge: Chakra: JIT: Type confusion with hoisted SetConcatStrMultiItemBE instructions CVE-2018-8229 Here's a PoC: function optstr for let i = 0; i .var s9.var = LdSlot s32s18l53.var s7.var = LdSlot s20s18l51.var s8.var = LdSlot s19s18l52.var s1Object.var = LdA 0x7FFFF47A0000...
Microsoft Edge Chakra JIT - Type Confusion with switch Statements Exploit
Exploit for windows platform in category dos / poc / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1341&desc=3 Let's start with a switch statement and its IR code for JIT. JS: for let i = 0; i ; 100; i++ switch i case 2: case 4: case 6: case 8: case 10: case 12: case 14: case...
Microsoft Edge Chakra JIT - Type Confusion with switch Statements
/ Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1341&desc=3 Let's start with a switch statement and its IR code for JIT. JS: for let i = 0; i ; 100; i++ switch i case 2: case 4: case 6: case 8: case 10: case 12: case 14: case 16: case 18: case 20: case 22: case 24: case 26: ca...