Every CVE whose affected-product data names Mi Ax3600 Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2020-14115 — CVSS 9.8 (critical): A command injection vulnerability exists in the Xiaomi Router AX3600. The vulnerability is caused by a lack of inspection for incoming data…
CVE-2020-14124 — CVSS 9.8 (critical): There is a buffer overflow in librsa.so called by getwifipwdurl interface, resulting in code execution on Xiaomi router AX3600 with ROM…
CVE-2020-14104 — CVSS 8.1 (high): A RACE CONDITION on XQBACKUP causes a decompression path error on Xiaomi router AX3600 with ROM version =1.0.50.
CVE-2020-14110 — CVSS 7.8 (high): AX3600 router sensitive information leaked.There is an unauthorized interface through luci to obtain sensitive information and log in to…
CVE-2020-14111 — CVSS 7.8 (high): A command injection vulnerability exists in the Xiaomi Router AX3600. The vulnerability is caused by a lack of inspection for incoming data…
CVE-2020-14109 — CVSS 7.2 (high): There is command injection in the meshd program in the routing system, resulting in command execution under administrator authority on…