MEDIUM🇬🇧 English

CVE-2020-14130

CVSS 5.3v3.1pub. 2021-09-16upd. 2024-11-21

Some js interfaces in the Xiaomi community were exposed, causing sensitive functions to be maliciously called on Xiaomi community app Affected Version <3.0.210809

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
  • Mi Xiaomi

    APP
    Mi
    < 3.0.210809
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2020-14129CRITICAL9.8ten sam produkt

A logic vulnerability exists in a Xiaomi product. The vulnerability is caused by an identity verification fail...

CVE-2020-14131CRITICAL9.8ten sam produkt

The Xiaomi Security Center expresses heartfelt thanks to ADLab of VenusTech ! At the same time, we also welcom...

CVE-2024-4406CRITICAL9.6PL ✓ten sam vendor

XSS umożliwiający RCE w aplikacji GetApps na Xiaomi 13 Pro

CVE-2024-4405CRITICAL9.6PL ✓ten sam vendor

XSS umożliwiający RCE w Xiaomi 13 Pro — plik manual-upgrade.html

CVE-2020-14115CRITICAL9.8ten sam vendor

A command injection vulnerability exists in the Xiaomi Router AX3600. The vulnerability is caused by a lack of...