Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Xiaomi router has a command injection vulnerability after authorization
Vulnerability Description
The Xiaomi router AX9000 has a post-authentication command injection vulnerability. This vulnerability is caused by the lack of input filtering, allowing an attacker to exploit it to obtain root access to the device.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H
Vulnerability Type
OS命令中使用的特殊元素转义处理不恰当(OS命令注入)
Vulnerability Title
Xiaomi AX9000 安全漏洞
Vulnerability Description
Xiaomi AX9000是中国小米(Xiaomi)公司的一款无线路由器。 Xiaomi AX9000 1.0.168版本存在安全漏洞,该漏洞源于缺少输入过滤,从而存在认证后命令注入漏洞,导致允许攻击者利用它获得对设备的root访问权限。
CVSS Information
N/A
Vulnerability Type
N/A