Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mi xiaomi vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2020-14129
A logic vulnerability exists in a Xiaomi product. The vulnerability is caused by an identity verification failure, which can be exploited by an attacker who can obtain a brief elevation of privilege.
Mi Xiaomi -
9.8
CVSSv3
CVE-2020-14131
The Xiaomi Security Center expresses heartfelt thanks to ADLab of VenusTech ! At the same time, we also welcome more outstanding and professional security experts and security teams to join the Mi Security Center (MiSRC) to jointly ensure the safe access of millions of Xiaomi use...
Mi Xiaomi -
5.3
CVSSv3
CVE-2020-14130
Some js interfaces in the Xiaomi community were exposed, causing sensitive functions to be maliciously called on Xiaomi community app Affected Version <3.0.210809
Mi Xiaomi
6.1
CVSSv3
CVE-2023-26316
A XSS vulnerability exists in the Xiaomi cloud service Application product. The vulnerability is caused by Webview's whitelist checking function allowing javascript protocol to be loaded and can be exploited by malicious users to steal Xiaomi cloud service account's coo...
Mi Xiaomi Cloud
7.5
CVSSv3
CVE-2020-14107
A stack overflow in the HTTP server of Cast can be exploited to make the app crash in LAN.
Mi Xiaomi Mirror Screen
7.5
CVSSv3
CVE-2020-14140
When Xiaomi router firmware is updated in 2020, there is an unauthenticated API that can reveal WIFI password vulnerability. This vulnerability is caused by the lack of access control policies on some API interfaces. Attackers can exploit this vulnerability to enter the backgroun...
Mi Xiaomi Router Firmware
9.8
CVSSv3
CVE-2023-26317
A vulnerability has been discovered in Xiaomi routers that could allow command injection through an external interface. This vulnerability arises from inadequate filtering of responses returned from the external interface. Attackers could exploit this vulnerability by hijacking t...
Mi Xiaomi Router Firmware
7.4
CVSSv3
CVE-2019-15843
A malicious file upload vulnerability exists in Xiaomi Millet mobile phones 1-6.3.9.3. A particular condition involving a man-in-the-middle attack may lead to partial data leakage or malicious file writing.
Mi Xiaomi Millet Firmware 1-6.3.9.3
5.3
CVSSv3
CVE-2018-20523
Xiaomi Stock Browser 10.2.4.g on Xiaomi Redmi Note 5 Pro devices and other Redmi Android phones allows content provider injection. In other words, a third-party application can read the user's cleartext browser history via an app.provider.query content://com.android.browser....
Mi Stock Browser 10.2.4g
Mi Redmi 7 Firmware -
Mi Redmi Note 7 Firmware -
Mi Redmi Note 6 Pro Firmware -
Mi Redmi 6 Firmware -
Mi Redmi 6a Firmware -
Mi Redmi S2 Firmware -
Mi Redmi Note 5 Pro Firmware -
Mi Redmi K20 Pro Firmware -
Mi Redmi K20 Firmware -
Mi Redmi 7a Firmware -
Mi Redmi Go Firmware -
Mi Redmi Note 5 Firmware -
Mi Redmi Y3 Firmware -
Mi Redmi Note 7s Firmware -
Mi Redmi 4a Firmware -
Mi Redmi Note 4 Firmware -
Mi Redmi 5 Plus Firmware -
Mi Redmi Note 5a Prime Firmware -
6.5
CVSSv3
CVE-2019-10875
A URL spoofing vulnerability was found in all international versions of Xiaomi Mi browser 10.5.6-g (aka the MIUI native browser) and Mint Browser 1.5.3 due to the way they handle the "q" query parameter. The portion of an https URL before the ?q= substring is not shown ...
Mi Mi Browser 10.5.6-g
Mi Mint Browser 1.5.3
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »