Known Vulnerabilities for products from Mi
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Mi".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Additional devices specifications by Mi can be found at device.report : Mi
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2023-26320 json | Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in Xiaomi Xiaomi Router all... | 8.1 - HIGH | 2023-10-11 | 2023-10-16 |
| CVE-2023-26319 json | Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in Xiaomi Xiaomi Router all... | 7.2 - HIGH | 2023-10-11 | 2023-10-16 |
| CVE-2023-26318 json | Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in Xiaomi Xiaomi Router allows Overflow ... | 7.2 - HIGH | 2023-10-11 | 2023-10-16 |
| CVE-2023-26317 json | A vulnerability has been discovered in Xiaomi routers that could allow command injection through an external interface. This ... | 9.8 - CRITICAL | 2023-08-02 | 2023-08-07 |
| CVE-2023-26316 json | A XSS vulnerability exists in the Xiaomi cloud service Application product. The vulnerability is caused by Webview's whitelis... | 6.1 - MEDIUM | 2023-08-02 | 2023-08-07 |
| CVE-2022-36757 json | ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further inv... | Not Provided | 2022-09-06 | 2023-11-07 |
| CVE-2022-31277 json | Xiaomi Lamp 1 v2.0.4_0066 was discovered to be vulnerable to replay attacks. This allows attackers to to bypass the expected ... | 8.8 - HIGH | 2022-06-16 | 2022-06-28 |
| CVE-2021-31610 json | The Bluetooth Classic implementation on AB32VG1 devices does not properly handle the reception of continuous unsolicited LMP ... | 6.5 - MEDIUM | 2021-09-07 | 2021-09-13 |
| CVE-2020-14140 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 7.5 - HIGH | 2023-03-29 | 2023-04-06 |
| CVE-2020-14131 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 9.8 - CRITICAL | 2022-10-11 | 2022-10-13 |
| CVE-2020-14130 json | Some js interfaces in the Xiaomi community were exposed, causing sensitive functions to be maliciously called on Xiaomi commu... | 5.3 - MEDIUM | 2021-09-16 | 2021-09-27 |
| CVE-2020-14129 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 9.8 - CRITICAL | 2022-10-11 | 2022-10-13 |
| CVE-2020-14127 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 7.5 - HIGH | 2022-07-14 | 2022-07-20 |
| CVE-2020-14126 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 7.5 - HIGH | 2022-07-22 | 2022-07-28 |
| CVE-2020-14125 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 7.5 - HIGH | 2022-06-08 | 2022-06-15 |
| CVE-2020-14124 json | There is a buffer overflow in librsa.so called by getwifipwdurl interface, resulting in code execution on Xiaomi router AX360... | 9.8 - CRITICAL | 2021-09-16 | 2021-09-27 |
| CVE-2020-14123 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 7.5 - HIGH | 2022-04-22 | 2022-05-03 |
| CVE-2020-14122 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 5.5 - MEDIUM | 2022-04-21 | 2022-05-03 |
| CVE-2020-14121 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 5.5 - MEDIUM | 2022-04-21 | 2022-07-12 |
| CVE-2020-14120 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 8.8 - HIGH | 2022-04-21 | 2022-05-03 |
Known software with vulnerabilities from Mi
| Type | Vendor | Product | Version |
|---|---|---|---|
| Hardware | Mi | 5s Plus | - |
| Operating System | Mi | 5s Plus Firmware | - |
| Hardware | Mi | A2 Lite | - |
| Operating System | Mi | A2 Lite Firmware | - |
| Hardware | Mi | A3 | - |
| Operating System | Mi | A3 Firmware | - |
| Hardware | Mi | Cepheus | - |
| Operating System | Mi | Cepheus Firmware | - |
| Hardware | Mi | Dgnwg03lm | - |
| Operating System | Mi | Dgnwg03lm Firmware | - |
| Hardware | Mi | Mccgq01lm | - |
| Operating System | Mi | Mccgq01lm Firmware | - |
| Hardware | Mi | Mdz-25-dt | - |
| Operating System | Mi | Mdz-25-dt Firmware | 1.34.36 |
| Application | Mi | Mi6 Browser | - |
| Hardware | Mi | Mijia Inkjet Printer | - |
| Operating System | Mi | Mijia Inkjet Printer Firmware | 3.4.6_0138 |
| Hardware | Mi | Millet Router 3g | - |
| Operating System | Mi | Millet Router 3g Firmware | - |
| Application | Mi | Mint Browser | 1.3.0 |