10 matches found
EUVD-2020-2717
Malware in sbrugna...
EUVD-2020-2718
Malware in sbrugna...
CVE-2020-10262
An issue was discovered on XIAOMI XIAOAI speaker Pro LX06 1.58.10. Attackers can activate the failsafe mode during the boot process, and use the miconsole command cascaded by the SN code shown on the product to get the root shell password, and then the attacker can i read Wi-Fi SSID or password, ...
CVE-2020-10262
An issue was discovered on XIAOMI XIAOAI speaker Pro LX06 1.58.10. Attackers can activate the failsafe mode during the boot process, and use the miconsole command cascaded by the SN code shown on the product to get the root shell password, and then the attacker can i read Wi-Fi SSID or password, ...
CVE-2020-10263
An issue was discovered on XIAOMI XIAOAI speaker Pro LX06 1.52.4. Attackers can get root shell by accessing the UART interface and then they can i read Wi-Fi SSID or password, ii read the dialogue text files between users and XIAOMI XIAOAI speaker Pro LX06, iii use Text-To-Speech tools pretend...
Command injection
An issue was discovered on XIAOMI XIAOAI speaker Pro LX06 1.58.10. Attackers can activate the failsafe mode during the boot process, and use the miconsole command cascaded by the SN code shown on the product to get the root shell password, and then the attacker can i read Wi-Fi SSID or password, ...
Design/Logic Flaw
An issue was discovered on XIAOMI XIAOAI speaker Pro LX06 1.52.4. Attackers can get root shell by accessing the UART interface and then they can i read Wi-Fi SSID or password, ii read the dialogue text files between users and XIAOMI XIAOAI speaker Pro LX06, iii use Text-To-Speech tools pretend...
CVE-2020-10263
An issue was discovered on XIAOMI XIAOAI speaker Pro LX06 1.52.4. Attackers can get root shell by accessing the UART interface and then they can i read Wi-Fi SSID or password, ii read the dialogue text files between users and XIAOMI XIAOAI speaker Pro LX06, iii use Text-To-Speech tools pretend...
CVE-2020-10263
CVE-2020-10263 affects Xiaomi Xiao AI Speaker Pro LX06 with firmware 1.52.4. Multiple sources describe a local UART-accessible remote-root capability, enabling an attacker to: read Wi‑Fi SSID/password, access user dialogues, abuse TTS voice to spoof, eavesdrop, modify system files, issue IR codes...
CVE-2020-10262
The CVE-2020-10262 entry affects Xiaomi Xiao AI Speaker Pro LX06 (firmware 1.58.10). The described vulnerability lets an attacker activate failsafe mode during boot, use the mi_console command (cascaded by the SN code) to obtain the root shell password, and then potentially: read Wi‑Fi SSID/passw...