Xiaomi has long fixed all the simple vulnerabilities.
But user namidairo found a new (simple in his words) vulnerability. We are all waiting for it to be published in topic Adding OpenWrt support for Xiaomi "Redmi Router AX6S"/"Xiaomi Router AX3200" - #24 by namidairo
There is also an automatic version of obtaining SSH access through a vulnerability in mkxqimage (Xiaomi is already starting to fix this vulnerability).
Here are scripts that can be adapted to any Xiaomi device: https://github.com/openwrt-xiaomi/xmir-patcher