CVE-2020-14112 — MEDIUM (5.3)

Q: How severe is CVE-2020-14112?

CVE-2020-14112 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2020-14112?

Check the references section above for vendor advisories and patch information. Affected products include: Mi Ax6000 Firmware, Mi Ax6000.

Vulnerability Description

Information Leak Vulnerability exists in the Xiaomi Router AX6000. The vulnerability is caused by incorrect routing configuration. Attackers can exploit this vulnerability to download part of the files in Xiaomi Router AX6000.

CVSS Score

5.3

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

LOW

Integrity

NONE

Availability

NONE

Affected Products

Vendor	Product	Versions
Mi	Ax6000 Firmware	< 1.0.56
Mi	Ax6000	-

Related Weaknesses (CWE)

CWE-200

References

https://trust.mi.com/zh-CN/misrc/bulletins/advisory?cveId=34Vendor Advisory
https://trust.mi.com/zh-CN/misrc/bulletins/advisory?cveId=34Vendor Advisory

FAQ

What is CVE-2020-14112?

CVE-2020-14112 is a vulnerability with a CVSS score of 5.3 (MEDIUM). Information Leak Vulnerability exists in the Xiaomi Router AX6000. The vulnerability is caused by incorrect routing configuration. Attackers can exploit this vulnerability to download part of the file...

How severe is CVE-2020-14112?

CVE-2020-14112 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2020-14112?

Check the references section above for vendor advisories and patch information. Affected products include: Mi Ax6000 Firmware, Mi Ax6000.