Command Injection Vulnerability in Xiaomi Router AX3600 (rom< 1.1.12) - Remote Code Execution
CVE-2020-14119 · CRITICAL Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
There is command injection in the addMeshNode interface of xqnetwork.lua, which leads to command execution under administrator authority on Xiaomi router AX3600 with rom versionrom< 1.1.12
Learn more about our Network Penetration Testing.