CVE-2024-45348

Xiaomi Router AX9000 has a post-authorization command injection vulnerability

CVSS 6.4 MEDIUMEPSS 0.8%CWE-77

Xiaomi Router AX9000 has a post-authorization command injection vulnerability. This vulnerability is caused by the lack of validation of user input, and an attacker can exploit this vulnerability to execute arbitrary code.

CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H

Produtos afetados

Xiaomi · Xiaomi Router AX9000

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://trust.mi.com/zh-CN/misrc/bulletins/advisory?cveId=547