29 matches found
EUVD-2020-6259
Malware in sbrugna...
CVE-2020-14095
In Xiaomi router R3600, ROM version1.0.20, a connect service suffers from an injection vulnerability through the web interface, leading to a stack overflow or remote code execution...
Xiaomi router input validation error vulnerability
Xiaomi router is a wireless router from the Chinese company Xiaomi Technology Xiaomi. An input validation error vulnerability exists in the Xiaomi router R3600 ROM prior to version 1.0.66, which stems from a filter in the set WAN6 interface that can be bypassed, leading to remote code execution. ...
CVE-2020-14100
In Xiaomi router R3600 ROM version1.0.66, filters in the setWAN6 interface can be bypassed, causing remote code execution. The router administrator can gain root access from this vulnerability...
CVE-2020-14100
In Xiaomi router R3600 ROM version1.0.66, filters in the setWAN6 interface can be bypassed, causing remote code execution. The router administrator can gain root access from this vulnerability...
Design/Logic Flaw
In Xiaomi router R3600 ROM version1.0.66, filters in the setWAN6 interface can be bypassed, causing remote code execution. The router administrator can gain root access from this vulnerability...
CVE-2020-14100
In Xiaomi router R3600 ROM version1.0.66, filters in the setWAN6 interface can be bypassed, causing remote code execution. The router administrator can gain root access from this vulnerability...
CVE-2020-14100
The CVE-2020-14100 entry affects Xiaomi router R3600 ROM = 1.0.66 or vendor-provided security guidance; otherwise, monitoring for updates is advised. This summary is based on the connected documents; no additional details beyond what is stated are provided.
Unspecified vulnerability in Xiaomi R3600 (CNVD-2021-19777)
The Xiaomi R3600 is a wireless router from Chinese company Xiaomi Technology Xiaomi. A security vulnerability exists in the Xiaomi R3600 ROM prior to version 1.0.20. A remote attacker can exploit the vulnerability to execute code...
Unspecified Vulnerability in Xiaomi R3600
The Xiaomi R3600 is a wireless router from Chinese company Xiaomi Technology Xiaomi. A security vulnerability exists in the Xiaomi R3600 ROM prior to version 1.0.20. A remote attacker can exploit the vulnerability to execute code...
CVE-2020-11961
Xiaomi router R3600 ROM before 1.0.50 is affected by a sensitive information leakage caused by an insecure interface getconfigresult without authentication...
CVE-2020-11961
Xiaomi router R3600 ROM before 1.0.50 is affected by a sensitive information leakage caused by an insecure interface getconfigresult without authentication...
CVE-2020-11959
An unsafe configuration of nginx lead to information leak in Xiaomi router R3600 ROM before 1.0.50...
CVE-2020-11960
Xiaomi router R3600 ROM before 1.0.50 is affected by a vulnerability when checking backup file in cupload interface let attacker able to extract malicious file under any location in /tmp, lead to possible RCE and DoS...
Authentication flaw
Xiaomi router R3600 ROM before 1.0.50 is affected by a sensitive information leakage caused by an insecure interface getconfigresult without authentication...
CVE-2020-11961
The CVE-2020-11961 entry concerns Xiaomi router R3600 ROMs older than 1.0.50, where an insecure get_config_result interface allows sensitive information leakage without authentication. Affected component is the router firmware; impact is confidential data exposure with no integrity or availabilit...
CVE-2020-11960
The CVE-2020-11960 entry concerns the Xiaomi router R3600 ROM prior to 1.0.50. A flaw in the c_upload interface’s backup file handling lets an attacker extract a malicious file to arbitrary /tmp locations, enabling potential remote code execution and denial of service. The NVD description documen...
CVE-2020-11960
Xiaomi router R3600 ROM before 1.0.50 is affected by a vulnerability when checking backup file in cupload interface let attacker able to extract malicious file under any location in /tmp, lead to possible RCE and DoS...
CVE-2020-11959
CVE-2020-11959 : The issue arises from an unsafe configuration of nginx in the Xiaomi router R3600 ROM prior to version 1.0.50, leading to information leakage. The vulnerability affects the router’s handling of its web services, with the root cause described as an unsafe configuration rather than...
CVE-2020-11959
An unsafe configuration of nginx lead to information leak in Xiaomi router R3600 ROM before 1.0.50...