CVE-2020-14110

AX3600 router sensitive information leaked.There is an unauthorized interface through luci to obtain sensitive information and log in to the web background.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.8 HIGH
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
XiaomiCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 15%
VendorProductVersion
miax3600_firmware
𝑥
< 1.0.67
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://trust.mi.com/zh-CN/misrc/bulletins/advisory?cveId=40
https://trust.mi.com/zh-CN/misrc/bulletins/advisory?cveId=40