Vulnerabilidades en Xiaomi
26 resultadosCVE-2023-26315MEDIUMXiaomi router has a command injection vulnerability after authorizationEPSS 18.6%CVE-2019-13322HIGHThis vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Xiaomi Browser Prior to 10.4.0. User intEPSS 2.6%CVE-2019-6743HIGHThis vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Xiaomi Mi6 Browser prior to 10.4.0. UserEPSS 2.4%CVE-2020-14095—In Xiaomi router R3600, ROM version<1.0.20, a connect service suffers from an injection vulnerability through the web interface, leading to EPSS 2.3%CVE-2020-14094—In Xiaomi router R3600, ROM version<1.0.20, the connection service can be injected through the web interface, resulting in stack overflow orEPSS 2.3%CVE-2024-4406HIGHXiaomi Pro 13 GetApps integral-dialog-page Cross-Site Scripting Remote Code Execution VulnerabilityEPSS 2.2%CVE-2019-13321MEDIUMThis vulnerability allows network adjacent attackers to execute arbitrary code on affected installations of Xiaomi Browser Prior to 10.4.0. EPSS 1.2%CVE-2024-4405HIGHXiaomi Pro 13 mimarket manual-upgrade Cross-Site Scripting Remote Code Execution VulnerabilityEPSS 1.2%CVE-2023-26320HIGHXiaomi Router external request interface vulnerability leads to stack overflowEPSS 1.0%CVE-2023-26317HIGHXiaomi router external request interface has command injectionEPSS 0.9%CVE-2023-26319MEDIUMXiaomi Router administration interface vulnerability leads command injection and stack overflowEPSS 0.9%CVE-2024-45348MEDIUMXiaomi Router AX9000 has a post-authorization command injection vulnerabilityEPSS 0.8%CVE-2023-26322HIGHGetApps application has code execution vulnerabilityEPSS 0.7%CVE-2023-26324HIGHGetApps application has code execution vulnerabilityEPSS 0.6%CVE-2023-26323HIGHXiaomi App Market has a code execution vulnerabilityEPSS 0.6%CVE-2023-26321MEDIUMThe international version of Xiaomi File Manager has a path traversal vulnerabilityEPSS 0.5%CVE-2023-26318MEDIUMXiaomi router web interface post-authorization stack overflowEPSS 0.5%CVE-2024-45346HIGHGetApps application has code execution vulnerabilityEPSS 0.4%CVE-2024-45352HIGHXiaomi smarthome application Webview has code execution vulnerabilityEPSS 0.3%CVE-2024-45347CRITICALMi Connect Service APP protocol flaws lead to unauthorized accessEPSS 0.2%