Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mi xiaomi - vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2020-14127
A denial of service vulnerability exists in some Xiaomi models of phones. The vulnerability is caused by heap overflow and can be exploited by malicious users to make remote denial of service.
Mi Miui
7.5
CVSSv3
CVE-2020-14114
information leakage vulnerability exists in the Xiaomi SmartHome APP. This vulnerability is caused by illegal calls of some sensitive JS interfaces, which can be exploited by malicious users to leak sensitive information.
Mi Smarthome
9.8
CVSSv3
CVE-2020-14115
A command injection vulnerability exists in the Xiaomi Router AX3600. The vulnerability is caused by a lack of inspection for incoming data detection. Attackers can exploit this vulnerability to execute code.
Mi Ax3600 Firmware
7.5
CVSSv3
CVE-2020-14125
A denial of service vulnerability exists in some Xiaomi models of phones. The vulnerability is caused by out-of-bound read/write and can be exploited by malicious users to make denial of service.
Mi Miui
9.8
CVSSv3
CVE-2018-14060
OS command injection in the AP mode settings feature in /cgi-bin/luci /api/misystem/set_router_wifiap on Xiaomi R3D prior to 2.26.4 devices allows an malicious user to execute any command via crafted JSON data.
Mi Xiaomi R3d Firmware
1 Github repository
5.5
CVSSv3
CVE-2019-15469
The Xiaomi Mi Pad 4 Android device with a build fingerprint of Xiaomi/clover/clover:8.1.0/OPM1.171019.019/V9.6.26.0.ODJCNFD:user/release-keys contains a pre-installed app with a package name of com.qualcomm.qti.callenhancement app (versionCode=27, versionName=8.1.0) that allows o...
Mi Pad 4 Firmware -
5.5
CVSSv3
CVE-2019-15470
The Xiaomi Redmi Note 6 Pro Android device with a build fingerprint of xiaomi/tulip/tulip:8.1.0/OPM1.171019.011/V10.2.2.0.OEKMIXM:user/release-keys contains a pre-installed app with a package name of com.qualcomm.qti.callenhancement app (versionCode=27, versionName=8.1.0) that al...
Mi Redmi Note 6 Pro Firmware -
5.5
CVSSv3
CVE-2019-15471
The Xiaomi Mi Mix 2S Android device with a build fingerprint of Xiaomi/polaris/polaris:8.0.0/OPR1.170623.032/V9.5.19.0.ODGMIFA:user/release-keys contains a pre-installed app with a package name of com.qualcomm.qti.callenhancement app (versionCode=27, versionName=8.1.0) that allow...
Mi Mix 2s Firmware -
9.8
CVSSv3
CVE-2020-11960
Xiaomi router R3600 ROM prior to 1.0.50 is affected by a vulnerability when checking backup file in c_upload interface let attacker able to extract malicious file under any location in /tmp, lead to possible RCE and DoS
Mi Xiaomi R3600 Firmware
6.5
CVSSv3
CVE-2019-12500
The Xiaomi M365 scooter 2019-02-12 prior to 1.5.1 allows spoofing of "suddenly accelerate" commands. This occurs because Bluetooth Low Energy commands have no server-side authentication check. Other affected commands include suddenly braking, locking, and unlocking.
Mi M365 Firmware
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
NEXT »