The Xiaomi router AX9000 has a post-authentication command injection vulnerability. This vulnerability is caused by the lack of input filtering, allowing an attacker to exploit it to obtain root access to the device.
Metrics
Affected Vendors & Products
References
History
Fri, 06 Sep 2024 22:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Mi
Mi ax9000 Mi ax9000 Firmware |
|
Weaknesses | CWE-77 | |
CPEs | cpe:2.3:h:mi:ax9000:-:*:*:*:*:*:*:* cpe:2.3:o:mi:ax9000_firmware:*:*:*:*:*:*:*:* |
|
Vendors & Products |
Mi
Mi ax9000 Mi ax9000 Firmware |
Mon, 26 Aug 2024 18:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Mon, 26 Aug 2024 12:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | The Xiaomi router AX9000 has a post-authentication command injection vulnerability. This vulnerability is caused by the lack of input filtering, allowing an attacker to exploit it to obtain root access to the device. | |
Title | Xiaomi router has a command injection vulnerability after authorization | |
References |
| |
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: Xiaomi
Published: 2024-08-26T11:47:17.867Z
Updated: 2024-08-26T17:40:11.256Z
Reserved: 2023-02-22T16:59:28.182Z
Link: CVE-2023-26315
Vulnrichment
Updated: 2024-08-26T17:40:07.193Z
NVD
Status : Analyzed
Published: 2024-08-26T12:15:05.387
Modified: 2024-09-06T22:25:54.637
Link: CVE-2023-26315
Redhat
No data.