Search criteria
2 vulnerabilities found for smarthome by mi
CVE-2020-14114 (GCVE-0-2020-14114)
Vulnerability from nvd – Published: 2022-07-22 15:32 – Updated: 2024-08-04 12:39
VLAI?
Summary
information leakage vulnerability exists in the Xiaomi SmartHome APP. This vulnerability is caused by illegal calls of some sensitive JS interfaces, which can be exploited by attackers to leak sensitive information.
Severity ?
No CVSS data available.
CWE
- Information leakage
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Xiaomi SmartHome APP |
Affected:
Xiaomi SmartHome APP <=6.4.701
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:39:36.202Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://trust.mi.com/zh-CN/misrc/bulletins/advisory?cveId=277"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Xiaomi SmartHome APP",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Xiaomi SmartHome APP \u003c=6.4.701"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "information leakage vulnerability exists in the Xiaomi SmartHome APP. This vulnerability is caused by illegal calls of some sensitive JS interfaces, which can be exploited by attackers to leak sensitive information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information leakage",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-22T15:32:00",
"orgId": "b57733aa-7326-4f07-8e09-0be8e0df1909",
"shortName": "Xiaomi"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://trust.mi.com/zh-CN/misrc/bulletins/advisory?cveId=277"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@xiaomi.com",
"ID": "CVE-2020-14114",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Xiaomi SmartHome APP",
"version": {
"version_data": [
{
"version_value": "Xiaomi SmartHome APP \u003c=6.4.701"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "information leakage vulnerability exists in the Xiaomi SmartHome APP. This vulnerability is caused by illegal calls of some sensitive JS interfaces, which can be exploited by attackers to leak sensitive information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information leakage"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://trust.mi.com/zh-CN/misrc/bulletins/advisory?cveId=277",
"refsource": "MISC",
"url": "https://trust.mi.com/zh-CN/misrc/bulletins/advisory?cveId=277"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "b57733aa-7326-4f07-8e09-0be8e0df1909",
"assignerShortName": "Xiaomi",
"cveId": "CVE-2020-14114",
"datePublished": "2022-07-22T15:32:00",
"dateReserved": "2020-06-15T00:00:00",
"dateUpdated": "2024-08-04T12:39:36.202Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-14114 (GCVE-0-2020-14114)
Vulnerability from cvelistv5 – Published: 2022-07-22 15:32 – Updated: 2024-08-04 12:39
VLAI?
Summary
information leakage vulnerability exists in the Xiaomi SmartHome APP. This vulnerability is caused by illegal calls of some sensitive JS interfaces, which can be exploited by attackers to leak sensitive information.
Severity ?
No CVSS data available.
CWE
- Information leakage
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Xiaomi SmartHome APP |
Affected:
Xiaomi SmartHome APP <=6.4.701
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:39:36.202Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://trust.mi.com/zh-CN/misrc/bulletins/advisory?cveId=277"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Xiaomi SmartHome APP",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Xiaomi SmartHome APP \u003c=6.4.701"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "information leakage vulnerability exists in the Xiaomi SmartHome APP. This vulnerability is caused by illegal calls of some sensitive JS interfaces, which can be exploited by attackers to leak sensitive information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information leakage",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-22T15:32:00",
"orgId": "b57733aa-7326-4f07-8e09-0be8e0df1909",
"shortName": "Xiaomi"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://trust.mi.com/zh-CN/misrc/bulletins/advisory?cveId=277"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@xiaomi.com",
"ID": "CVE-2020-14114",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Xiaomi SmartHome APP",
"version": {
"version_data": [
{
"version_value": "Xiaomi SmartHome APP \u003c=6.4.701"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "information leakage vulnerability exists in the Xiaomi SmartHome APP. This vulnerability is caused by illegal calls of some sensitive JS interfaces, which can be exploited by attackers to leak sensitive information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information leakage"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://trust.mi.com/zh-CN/misrc/bulletins/advisory?cveId=277",
"refsource": "MISC",
"url": "https://trust.mi.com/zh-CN/misrc/bulletins/advisory?cveId=277"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "b57733aa-7326-4f07-8e09-0be8e0df1909",
"assignerShortName": "Xiaomi",
"cveId": "CVE-2020-14114",
"datePublished": "2022-07-22T15:32:00",
"dateReserved": "2020-06-15T00:00:00",
"dateUpdated": "2024-08-04T12:39:36.202Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}