Overview
- Description
- Information Leak Vulnerability exists in the Xiaomi Router AX6000. The vulnerability is caused by incorrect routing configuration. Attackers can exploit this vulnerability to download part of the files in Xiaomi Router AX6000.
- Source
- security@xiaomi.com
- NVD status
- Analyzed
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 5.3
- Impact score
- 1.4
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
- Severity
- MEDIUM
CVSS 2.0
- Type
- Primary
- Base score
- 5
- Impact score
- 2.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:N/A:N
Weaknesses
- nvd@nist.gov
- CWE-200
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mi:ax6000:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "AFB5036E-CEBF-47DB-8626-79B79D3D5B1C"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mi:ax6000_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8C09980C-061A-41DD-AF3C-C9DBBB61FEF8",
"versionEndExcluding": "1.0.56"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]