Lucene search
XiaomiCVE-2023-26323HistoryAug 28, 2024 - 8:15 a.m.
CVE-2023-26323
2024-08-2808:15:06
Xiaomi
web.nvd.nist.gov
24
xiaomi
app market
code execution
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
0.001
Percentile
39.7%
A code execution vulnerability exists in the Xiaomi App market product. The vulnerability is caused by unsafe configuration and can be exploited by attackers to execute arbitrary code.
Affected configurations
Node
miapp_marketRange4.57.4–4.58.2
| Vendor | Product | Version | CPE |
|---|---|---|---|
| mi | app_market | * | cpe:2.3:a:mi:app_market:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"defaultStatus": "affected",
"product": "App Market",
"vendor": "Xiaomi",
"versions": [
{
"changes": [
{
"at": "4.58.2",
"status": "unaffected"
}
],
"lessThanOrEqual": "4.57.4",
"status": "affected",
"version": "1.0.0",
"versionType": "custom"
}
]
}
]Related
nvd
nvd
CVE-2023-26323
2024-08-28 08:15:06
cvelist
cvelist
CVE-2023-26323 Xiaomi App Market has a code execution vulnerability
2024-08-28 07:53:42
vulnrichment
vulnrichment
CVE-2023-26323 Xiaomi App Market has a code execution vulnerability
2024-08-28 07:53:42
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
0.001
Percentile
39.7%
Related for CVE-2023-26323