This CPE summary could be partial or incomplete. Please contact us for a detailed listing.
Summary
| Detail | |||
|---|---|---|---|
| Vendor | Mi | First view | 2024-08-26 |
| Product | ax9000 Firmware | Last view | 2024-09-23 |
| Version | * | Type | Os |
| Update | * | ||
| Edition | * | ||
| Language | * | ||
| Sofware Edition | * | ||
| Target Software | * | ||
| Target Hardware | * | ||
| Other | * | ||
| CPE Product | cpe:2.3:o:mi:ax9000_firmware | ||
Activity : Overall
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 8.8 | 2024-09-23 | CVE-2024-45348 | Xiaomi Router AX9000 has a post-authorization command injection vulnerability. This vulnerability is caused by the lack of validation of user input, and an attacker can exploit this vulnerability to execute arbitrary code. |
| 8.8 | 2024-08-26 | CVE-2023-26315 | The Xiaomi router AX9000 has a post-authentication command injection vulnerability. This vulnerability is caused by the lack of input filtering, allowing an attacker to exploit it to obtain root access to the device. |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 100% (2) | CWE-77 | Improper Sanitization of Special Elements used in a Command ('Comma... |
