CyberSec.Space Logo
Back to CVE Browser

CVE-2020-14114

HIGH
7.5
CVSS Severity Score
EPSS Score0.0780%
EPSS Percentile18.66th
PublishedJul 22, 2022
Last ModifiedNov 21, 2024

Vulnerability Description

information leakage vulnerability exists in the Xiaomi SmartHome APP. This vulnerability is caused by illegal calls of some sensitive JS interfaces, which can be exploited by attackers to leak sensitive information.

Affected Platforms (CPE)

📦
Mi

Smarthome

<= 6.4.701

References & Advisories

🔗 https://trust.mi.com/zh-CN/misrc/bulletins/advisory?cveId=277
🔗 https://trust.mi.com/zh-CN/misrc/bulletins/advisory?cveId=277

Related Vulnerabilities

CVE-2019-1106310.0

A broken access control vulnerability in SmartHome app (Android versions up to 3.0.42_190515, ios versions up to 2.0.22) allows an...

CVE-2020-95509.8

Rubetek SmartHome 2020 devices use unencrypted 433 MHz communication between controllers and beacons, allowing an attacker to snif...

CVE-2017-27047.5

Smarthome 1.0.2.364 and earlier versions,HiAPP 7.3.0.303 and earlier versions,HwParentControl 2.0.0 and earlier versions,HwParentC...

CVE-2021-266387.3

Improper Authentication vulnerability in S&D smarthome(smartcare) application can cause authentication bypass and information expo...