Описание
A command injection vulnerability exists in the Xiaomi Router AX3600. The vulnerability is caused by a lack of inspection for incoming data detection. Attackers can exploit this vulnerability to execute code.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 1.0.67 (исключая)
Одновременно
cpe:2.3:o:mi:ax3600_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mi:ax3600:-:*:*:*:*:*:*:*
EPSS
Процентиль: 72%
0.00737
Низкий
9.8 Critical
CVSS3
10 Critical
CVSS2
Дефекты
CWE-345
Связанные уязвимости
CVSS3: 9.8
github
почти 4 года назад
A command injection vulnerability exists in the Xiaomi Router AX3600. The vulnerability is caused by a lack of inspection for incoming data detection. Attackers can exploit this vulnerability to execute code.
EPSS
Процентиль: 72%
0.00737
Низкий
9.8 Critical
CVSS3
10 Critical
CVSS2
Дефекты
CWE-345