Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xiaomi vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2020-11959
An unsafe configuration of nginx lead to information leak in Xiaomi router R3600 ROM prior to 1.0.50.
Mi Xiaomi R3600 Firmware
3.3
CVSSv3
CVE-2019-15340
The Xiaomi Redmi 6 Pro Android device with a build fingerprint of xiaomi/sakura_india/sakura_india:8.1.0/OPM1.171019.019/V9.6.4.0.ODMMIFD:user/release-keys contains a pre-installed app with a package name of com.huaqin.factory app (versionCode=1, versionName=QL1715_201805292006) ...
Mi Redmi 6 Firmware -
8.1
CVSSv3
CVE-2020-14104
A RACE CONDITION on XQBACKUP causes a decompression path error on Xiaomi router AX3600 with ROM version =1.0.50.
Mi Ax3600 Firmware
5.5
CVSSv3
CVE-2020-14105
The application in the mobile phone can read the SNO information of the device, Xiaomi 10 MIUI < 2020.01.15.
Mi Miui
5.5
CVSSv3
CVE-2020-14103
The application in the mobile phone can read the SNO information of the device, Xiaomi 10 MIUI < 2020.01.15.
Mi Miui
7.5
CVSSv3
CVE-2020-14097
Wrong nginx configuration, causing specific paths to be downloaded without authorization. This affects Xiaomi router AX6 ROM version < 1.0.18.
Mi Redmi Ax6 Firmware
9.8
CVSSv3
CVE-2020-14096
Memory overflow in Xiaomi AI speaker Rom version <1.59.6 can happen when the speaker verifying a malicious firmware during OTA process.
Mi Xiaomi Ai Speaker Firmware
7.5
CVSSv3
CVE-2020-11961
Xiaomi router R3600 ROM prior to 1.0.50 is affected by a sensitive information leakage caused by an insecure interface get_config_result without authentication
Mi Xiaomi R3600 Firmware
5.5
CVSSv3
CVE-2019-15474
The Xiaomi Cepheus Android device with a build fingerprint of Xiaomi/cepheus/cepheus:9/PKQ1.181121.001/V10.2.6.0.PFAMIXM:user/release-keys contains a pre-installed app with a package name of com.qualcomm.qti.callenhancement app (versionCode=28, versionName=9) that allows unauthor...
Mi Cepheus Firmware -
5.5
CVSSv3
CVE-2019-15475
The Xiaomi Mi A3 Android device with a build fingerprint of xiaomi/onc_eea/onc:9/PKQ1.181021.001/V10.2.8.0.PFLEUXM:user/release-keys contains a pre-installed app with a package name of com.qualcomm.qti.callenhancement app (versionCode=28, versionName=9) that allows unauthorized m...
Mi A3 Firmware -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028
memory leak
log injection
CVE-2024-3400
CVE-2022-48695
CVE-2022-48675
CVE-2024-34487
CVE-2024-33792
spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »