CVE-2020-14102 (ax1800_firmware, rm1800_firmware)

Leave a reply

There is command injection when ddns processes the hostname, which causes the administrator user to obtain the root privilege of the router. This affects Xiaomi router AX1800rom version < 1.0.336 and Xiaomi route RM1800 root version < 1.0.26.

View Full Alert

Related Posts

  • CVE-2020-14101 (ax1800_firmware, rm1800_firmware)

    The data collection SDK of the router web management interface caused the leakage of the token. This affects Xiaomi router AX1800rom version < 1.0.336 and Xiaomi route RM1800 root version…

  • CVE-2020-14098 (ax1800_firmware, rm1800_firmware)

    The login verification can be bypassed by using the problem that the time is not synchronized after the router restarts. This affects Xiaomi router AX1800rom version < 1.0.336 and Xiaomi…

  • CVE-2020-14102

    There is command injection when ddns processes the hostname, which causes the administrator user to obtain the root privilege of the router. This affects Xiaomi router AX1800rom version < 1.0.336…

Leave a Reply