Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mi vulnerabilities and exploits
(subscribe to this query)
5.3
CVSSv3
CVE-2020-14130
Some js interfaces in the Xiaomi community were exposed, causing sensitive functions to be maliciously called on Xiaomi community app Affected Version <3.0.210809
Mi Xiaomi
5.5
CVSSv3
CVE-2019-15469
The Xiaomi Mi Pad 4 Android device with a build fingerprint of Xiaomi/clover/clover:8.1.0/OPM1.171019.019/V9.6.26.0.ODJCNFD:user/release-keys contains a pre-installed app with a package name of com.qualcomm.qti.callenhancement app (versionCode=27, versionName=8.1.0) that allows o...
Mi Pad 4 Firmware -
5.3
CVSSv3
CVE-2020-14112
Information Leak Vulnerability exists in the Xiaomi Router AX6000. The vulnerability is caused by incorrect routing configuration. Attackers can exploit this vulnerability to download part of the files in Xiaomi Router AX6000.
Mi Ax6000 Firmware
9.8
CVSSv3
CVE-2020-14115
A command injection vulnerability exists in the Xiaomi Router AX3600. The vulnerability is caused by a lack of inspection for incoming data detection. Attackers can exploit this vulnerability to execute code.
Mi Ax3600 Firmware
9.8
CVSSv3
CVE-2020-14129
A logic vulnerability exists in a Xiaomi product. The vulnerability is caused by an identity verification failure, which can be exploited by an attacker who can obtain a brief elevation of privilege.
Mi Xiaomi -
7.5
CVSSv3
CVE-2018-20823
The gyroscope on Xiaomi Mi 5s devices allows malicious users to cause a denial of service (resonance and false data) via a 20.4 kHz audio signal, aka a MEMS ultrasound attack.
Mi Mi 5s Firmware -
9.8
CVSSv3
CVE-2020-10561
An issue exists on Xiaomi Mi Jia ink-jet printer < 3.4.6_0138. Injecting parameters to ippserver through the web management background, resulting in command execution vulnerabilities.
Mi Mijia Inkjet Printer Firmware
NA
CVE-2008-0876
Unspecified vulnerability in the SEWB3 messaging service in Hitachi SEWB3/PLATFORM and SEWB3/MI-PLATFORM 01-00 through 02-14-/A allows remote malicious users to cause a denial of service (service outage) via "invalid data."
Hitachi Sewb3 Mi-platform 01-00
Hitachi Sewb3 Mi-platform 01-11
Hitachi Sewb3 Mi-platform 01-16- B
Hitachi Sewb3 Mi-platform 02-13
Hitachi Sewb3 Mi-platform 02-14- A
Hitachi Sewb3 Platform 01-00
Hitachi Sewb3 Mi-platform 01-10- A
Hitachi Sewb3 Mi-platform 01-10
Hitachi Sewb3 Mi-platform 01-17- F
Hitachi Sewb3 Platform 01-06
Hitachi Sewb3 Platform 01-10- A
Hitachi Sewb3 Platform 01-16- F
Hitachi Sewb3 Platform 01-17- F
Hitachi Sewb3 Mi-platform 01-17
Hitachi Sewb3 Platform 01-06- A
Hitachi Sewb3 Platform 01-16- C
Hitachi Sewb3 Mi-platform 01-04
Hitachi Sewb3 Mi-platform 01-06- A
Hitachi Sewb3 Mi-platform 01-16- C
Hitachi Sewb3 Platform 01-10
Hitachi Sewb3 Platform 01-11
Hitachi Sewb3 Platform 01-17
8.8
CVSSv3
CVE-2022-31277
Xiaomi Lamp 1 v2.0.4_0066 exists to be vulnerable to replay attacks. This allows malicious users to to bypass the expected access restrictions and gain control of the switch and other functions via a crafted POST request.
Mi Xiaomi Lamp 1 Firmware 2.0.4 0066
6.1
CVSSv3
CVE-2023-26316
A XSS vulnerability exists in the Xiaomi cloud service Application product. The vulnerability is caused by Webview's whitelist checking function allowing javascript protocol to be loaded and can be exploited by malicious users to steal Xiaomi cloud service account's coo...
Mi Xiaomi Cloud
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »