Description
A command injection vulnerability exists in the Xiaomi Router AX3600. The vulnerability is caused by a lack of inspection for incoming data detection. Attackers can exploit this vulnerability to execute code.
References
https://trust.mi.com/zh-CN/misrc/bulletins/advisory?cveId=18
Vendor Advisory
https://trust.mi.com/zh-CN/misrc/bulletins/advisory?cveId=18
Vendor Advisory
CVSS impact metrics
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 · High
Information
Source identifier
Vulnerability status
Modified
Published
2022-03-10T16:41:16.523Z
4 years agoLast modified
2024-11-21T04:02:40.447Z
1 year ago