{"vulnerability": "CVE-2020-1411", "sightings": [{"uuid": "aa4ebb9b-0c69-442a-a598-83dd4efda842", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-14116", "type": "seen", "source": "https://gist.github.com/Darkcrai86/f0bc59e87b0f256e3fe6bd76f97ae9a6", "content": "", "creation_timestamp": "2025-09-18T07:49:15.000000Z"}, {"uuid": "3254423a-e1a3-4cb4-85d7-e27f51936d1b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-14114", "type": "seen", "source": "https://t.me/cibsecurity/46824", "content": "\u203c CVE-2020-14114 \u203c\n\ninformation leakage vulnerability exists in the Xiaomi SmartHome APP. This vulnerability is caused by illegal calls of some sensitive JS interfaces, which can be exploited by attackers to leak sensitive information.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-22T20:23:30.000000Z"}, {"uuid": "7fe6705e-a2ac-49bf-893c-430af1c24e9b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-14116", "type": "seen", "source": "https://t.me/cibsecurity/41258", "content": "\u203c CVE-2020-14116 \u203c\n\nAn intent redirection vulnerability in the Mi Browser product. This vulnerability is caused by the Mi Browser does not verify the validity of the incoming data. Attackers can perform sensitive operations by exploiting this.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-21T22:27:16.000000Z"}, {"uuid": "75950d49-aa57-4a2a-a15f-685ba8ed4603", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-14118", "type": "seen", "source": "https://t.me/cibsecurity/41252", "content": "\u203c CVE-2020-14118 \u203c\n\nAn intent redirection vulnerability in the Mi App Store product. This vulnerability is caused by the Mi App Store does not verify the validity of the incoming data, can cause the app store to automatically download and install apps.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-21T22:27:09.000000Z"}, {"uuid": "f3770422-4512-4204-bd66-b65a15bc6aa5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-14117", "type": "seen", "source": "https://t.me/cibsecurity/41261", "content": "\u203c CVE-2020-14117 \u203c\n\nA improper permission configuration vulnerability in Xiaomi Content Center APP. This vulnerability is caused by the lack of correct permission verification in the Xiaomi content center APP, and attackers can use this vulnerability to invoke the sensitive component functions of the Xiaomi content center APP.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-21T22:27:20.000000Z"}, {"uuid": "b9cc3dee-0464-46ac-bdf5-4a71e74e6400", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-14115", "type": "seen", "source": "https://t.me/cibsecurity/38657", "content": "\u203c CVE-2020-14115 \u203c\n\nA command injection vulnerability exists in the Xiaomi Router AX3600. The vulnerability is caused by a lack of inspection for incoming data detection. Attackers can exploit this vulnerability to execute code.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-10T20:12:58.000000Z"}, {"uuid": "db9c93ec-5fc4-4164-8f14-30ba8df837f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-14110", "type": "seen", "source": "https://t.me/cibsecurity/35717", "content": "\u203c CVE-2020-14110 \u203c\n\nAX3600 router sensitive information leaked.There is an unauthorized interface through luci to obtain sensitive information and log in to the web background.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-01-18T20:24:50.000000Z"}, {"uuid": "e99b6e2a-c91a-4367-a654-efc0fa616da9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-14112", "type": "seen", "source": "https://t.me/cibsecurity/38654", "content": "\u203c CVE-2020-14112 \u203c\n\nInformation Leak Vulnerability exists in the Xiaomi Router AX6000. The vulnerability is caused by incorrect routing configuration. Attackers can exploit this vulnerability to download part of the files in Xiaomi Router AX6000.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-10T20:12:52.000000Z"}, {"uuid": "d0fadc9e-3df6-4c75-b860-afcd11745141", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-14119", "type": "seen", "source": "https://t.me/cibsecurity/28971", "content": "\u203c CVE-2020-14119 \u203c\n\nThere is command injection in the addMeshNode interface of xqnetwork.lua, which leads to command execution under administrator authority on Xiaomi router AX3600 with rom versionrom< 1.1.12\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-16T16:21:49.000000Z"}]}