{"containers": {"cna": {"affected": [{"product": "Router AX6000", "vendor": "n/a", "versions": [{"status": "affected", "version": "Router AX6000 version <1.0.56"}]}], "descriptions": [{"lang": "en", "value": "Information Leak Vulnerability exists in the Xiaomi Router AX6000. The vulnerability is caused by incorrect routing configuration. Attackers can exploit this vulnerability to download part of the files in Xiaomi Router AX6000."}], "problemTypes": [{"descriptions": [{"description": "Information Leak", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2022-03-07T14:06:49", "orgId": "b57733aa-7326-4f07-8e09-0be8e0df1909", "shortName": "Xiaomi"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://trust.mi.com/zh-CN/misrc/bulletins/advisory?cveId=34"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@xiaomi.com", "ID": "CVE-2020-14112", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Router AX6000", "version": {"version_data": [{"version_value": "Router AX6000 version <1.0.56"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Information Leak Vulnerability exists in the Xiaomi Router AX6000. The vulnerability is caused by incorrect routing configuration. Attackers can exploit this vulnerability to download part of the files in Xiaomi Router AX6000."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Information Leak"}]}]}, "references": {"reference_data": [{"name": "https://trust.mi.com/zh-CN/misrc/bulletins/advisory?cveId=34", "refsource": "MISC", "url": "https://trust.mi.com/zh-CN/misrc/bulletins/advisory?cveId=34"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T12:39:35.767Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://trust.mi.com/zh-CN/misrc/bulletins/advisory?cveId=34"}]}]}, "cveMetadata": {"assignerOrgId": "b57733aa-7326-4f07-8e09-0be8e0df1909", "assignerShortName": "Xiaomi", "cveId": "CVE-2020-14112", "datePublished": "2022-03-07T14:06:49", "dateReserved": "2020-06-15T00:00:00", "dateUpdated": "2024-08-04T12:39:35.767Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mi:ax6000_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "8C09980C-061A-41DD-AF3C-C9DBBB61FEF8", "versionEndExcluding": "1.0.56", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mi:ax6000:-:*:*:*:*:*:*:*", "matchCriteriaId": "AFB5036E-CEBF-47DB-8626-79B79D3D5B1C", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Information Leak Vulnerability exists in the Xiaomi Router AX6000. The vulnerability is caused by incorrect routing configuration. Attackers can exploit this vulnerability to download part of the files in Xiaomi Router AX6000."}, {"lang": "es", "value": "Se presenta una vulnerabilidad de filtrado de informaci\u00f3n en Xiaomi Router AX6000. La vulnerabilidad est\u00e1 causada por una configuraci\u00f3n incorrecta del enrutamiento. Los atacantes pueden explotar esta vulnerabilidad para descargar parte de los archivos en Xiaomi Router AX6000"}], "id": "CVE-2020-14112", "lastModified": "2024-11-21T05:02:40.653", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-03-10T17:41:16.577", "references": [{"source": "security@xiaomi.com", "tags": ["Vendor Advisory"], "url": "https://trust.mi.com/zh-CN/misrc/bulletins/advisory?cveId=34"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://trust.mi.com/zh-CN/misrc/bulletins/advisory?cveId=34"}], "sourceIdentifier": "security@xiaomi.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}