N/A

There is command injection when ddns processes the hostname, which causes the administrator user to obtain the root privilege of the router. This affects Xiaomi router AX1800rom version < 1.0.336 and Xiaomi route RM1800 root version < 1.0.26.

N/A

N/A

Xiaomi AX1800 命令注入漏洞

Xiaomi AX1800是中国小米（Xiaomi）公司的一款路由器。 Xiaomi router 存在安全漏洞，该漏洞源于ddns处理主机名时存在命令注入，导致管理员用户获得路由器的root权限。以下产品及版本受到影响：Xiaomi router AX1800rom version < 1.0.336 and Xiaomi route RM1800 root version < 1.0.26。

N/A

N/A