CVE-2020-14097

7.5 HIGH

📋 TL;DR

An incorrect nginx configuration in the Xiaomi router AX6 lets an unauthenticated attacker who can reach the router's web interface download specific files from the device. No credentials are needed. Only Xiaomi router AX6 devices running a ROM version below 1.0.18 are affected.

💻 Affected Systems

Products:
  • Xiaomi router AX6
Versions: ROM version < 1.0.18
Operating Systems: Router firmware
Default Config Vulnerable: ⚠️ Yes
Notes: The flaw is in the nginx configuration shipped with the affected ROM versions, not in a user-changed setting, so stock devices are exposed.

📦 What is this software?

The Xiaomi router AX6 is a consumer Wi-Fi 6 home router. Its web management interface (default LAN address 192.168.31.1) is served by nginx on the device, which is where the misconfiguration lives.

⚠️ Risk & Real-World Impact

🔴

Worst Case

Attackers download sensitive configuration files containing credentials, network topology, or personal data, leading to complete network compromise.

🟠

Likely Case

Unauthorized access to router configuration files exposing network settings and potentially credentials.

🟢

If Mitigated

Limited exposure if files contain only non-sensitive information or access is blocked by network controls.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation requires knowledge of the specific vulnerable paths, which have not been made public, but once they are known it is a plain unauthenticated HTTP GET against the router's web interface.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: ROM version 1.0.18 or later

Vendor Advisory: https://privacy.mi.com/trust#/security/vulnerability-management/vulnerability-announcement/detail?id=21&locale=en

Restart Required: Yes

Instructions:

1. Log into the router admin interface.
2. Check for firmware updates.
3. Install the update to ROM version 1.0.18 or later.
4. Reboot the router after the update.

🔧 Temporary Workarounds

Block external access (all affected versions)

Disable remote administration (WAN-side access to the web interface) and confirm the router's management interface is not reachable from the internet.

Network segmentation (all affected versions)

Restrict the management interface to a trusted network segment so that only administrators' hosts can reach it.

🧯 If You Can't Patch

  • Replace the router with a model that still receives vendor security updates
  • Enforce strict network access controls (no WAN exposure, LAN allow-list for the management interface) to limit who can reach the vulnerable nginx instance

🔍 How to Verify

Check if Vulnerable:

Read the ROM version in the router admin interface. Any version below 1.0.18 is vulnerable; compare version components numerically, since 1.0.9 is older than 1.0.18 even though it sorts after it as a string.

Check Version:

Check via the router web interface (default LAN address 192.168.31.1) or over SSH where it has been enabled.

Verify Fix Applied:

Confirm firmware version is 1.0.18 or higher in router admin interface.
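A version check for the procedure above, added here as an example (this is not Xiaomi code and not part of the advisory). It compares version components numerically so that 1.0.9 is correctly treated as older than 1.0.18, which a plain string comparison gets wrong. The JSON it parses, with a `romversion` field, is an assumption about how the router reports its version, and the sample document is constructed:

```python
"""Added example, not vendor code: numeric ROM-version comparison against the
fixed release. The status JSON below is constructed, and the 'romversion'
field name is an assumption about the router's status API."""
import json
import re

FIXED_VERSION = "1.0.18"

# Constructed sample of the kind of status document a router might return.
SAMPLE_STATUS = '{"hardware": "AX6", "romversion": "1.0.9", "countrycode": "CN"}'


def parse_version(ver: str) -> tuple:
    """Turn '1.0.18' (optionally with a suffix such as '-beta') into a tuple of
    ints so that comparisons are numeric per component."""
    m = re.match(r"^\s*v?(\d+(?:\.\d+)*)", ver)
    if not m:
        raise ValueError(f"unrecognised version string: {ver!r}")
    return tuple(int(part) for part in m.group(1).split("."))


def is_vulnerable(rom_version: str) -> bool:
    """True when the ROM is older than the release that carries the fix."""
    return parse_version(rom_version) < parse_version(FIXED_VERSION)


def naive_string_check(rom_version: str) -> bool:
    """The mistake this example guards against: lexicographic comparison.
    '1.0.9' sorts after '1.0.18' as a string, so it is wrongly reported fixed."""
    return rom_version < FIXED_VERSION


def rom_version_from_status(json_text: str) -> str:
    """Pull the ROM version out of a status document (field name assumed)."""
    doc = json.loads(json_text)
    ver = doc.get("romversion")
    if not isinstance(ver, str):
        raise KeyError("status document has no 'romversion' string")
    return ver


if __name__ == "__main__":
    ver = rom_version_from_status(SAMPLE_STATUS)
    print(f"ROM {ver}: vulnerable={is_vulnerable(ver)}, "
          f"naive string compare says {naive_string_check(ver)}")
```

Feed `rom_version_from_status` the version document your router actually returns, or paste the version string from the admin page straight into `is_vulnerable`.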

📡 Detection & Monitoring

Log Indicators:

  • Unusual file access patterns to specific paths in nginx logs
  • Unauthorized access attempts to router configuration endpoints

Network Indicators:

  • External IP addresses accessing router management interface
  • Unusual download patterns from router

SIEM Query:

source="router_logs" AND (uri CONTAINS "/config/" OR uri CONTAINS "/backup/") AND response_code=200

Note: the /config/ and /backup/ prefixes are placeholders; the advisory does not publish the affected paths. Substitute the paths observed on your firmware and, where the log carries a client address, add a condition for source IPs outside the router's LAN.
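The log indicators above, as an added detection example run over constructed nginx access-log lines (this is not code from the advisory or from Xiaomi). The watched path prefixes `/config/` and `/backup/` are placeholders, since the advisory does not publish the affected paths, and the trusted LAN range assumes the router's default 192.168.31.0/24 subnet:

```python
"""Added example, not vendor code: flag successful downloads of watched paths in
an nginx access log and rank external sources higher. Log lines are constructed
in nginx's default 'combined' format; watched paths and LAN range are assumptions."""
import ipaddress
import re
from typing import Optional
from urllib.parse import unquote

# Constructed sample log (combined format). Line 2 is an external client pulling
# a watched path, line 3 a failed probe, line 4 the same kind of path from the LAN.
SAMPLE_LOG = """\
192.168.31.5 - - [10/Jun/2020:10:01:02 +0000] "GET /cgi-bin/luci/web HTTP/1.1" 200 5123 "-" "Mozilla/5.0"
203.0.113.7 - - [10/Jun/2020:10:01:09 +0000] "GET /backup/config.tar.gz HTTP/1.1" 200 48211 "-" "curl/7.68.0"
203.0.113.7 - - [10/Jun/2020:10:01:11 +0000] "GET /config/wifi.conf HTTP/1.1" 404 153 "-" "curl/7.68.0"
192.168.31.5 - - [10/Jun/2020:10:02:30 +0000] "GET /config/wifi.conf HTTP/1.1" 200 802 "-" "Mozilla/5.0"
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) (?P<size>\S+)'
)

# Placeholder prefixes: the advisory does not publish the affected paths.
WATCHED_PREFIXES = ("/config/", "/backup/")
# Assumed LAN range (the router's default subnet); anything else is "external".
TRUSTED_NETS = (ipaddress.ip_network("192.168.31.0/24"),)


def parse_line(line: str) -> Optional[dict]:
    """Parse one combined-format line into fields; None for unparseable lines."""
    m = LOG_RE.match(line)
    return m.groupdict() if m else None


def is_trusted(ip_text: str) -> bool:
    """True when the client address falls inside an assumed-trusted LAN range."""
    try:
        ip = ipaddress.ip_address(ip_text)
    except ValueError:
        return False  # unparseable source: treat as untrusted
    return any(ip in net for net in TRUSTED_NETS)


def find_suspicious(log_text: str) -> list:
    """Return records for 200 responses to watched paths, tagged by source."""
    hits = []
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None or rec["status"] != "200":
            continue  # only successful downloads matter for this indicator
        path = unquote(rec["path"].split("?", 1)[0])  # strip query, decode %xx
        if not path.startswith(WATCHED_PREFIXES):
            continue
        rec["path"] = path
        rec["external"] = not is_trusted(rec["ip"])
        rec["severity"] = "high" if rec["external"] else "medium"
        hits.append(rec)
    return hits


if __name__ == "__main__":
    for h in find_suspicious(SAMPLE_LOG):
        print(f'{h["severity"]:6} {h["ip"]:15} {h["status"]} {h["path"]}')
```

Status 404 lines are deliberately ignored here; if you also want to see probing, collect them separately, since a burst of 404s against candidate paths from one address is the reconnaissance that precedes a successful download.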

🔗 References

  • Vendor advisory: https://privacy.mi.com/trust#/security/vulnerability-management/vulnerability-announcement/detail?id=21&locale=en
  • NVD entry: https://nvd.nist.gov/vuln/detail/CVE-2020-14097