Lucene search
XiaomiVULNRICHMENT:CVE-2023-26320HistoryOct 11, 2023 - 6:49 a.m.
CVE-2023-26320 Xiaomi Router external request interface vulnerability leads to stack overflow
2023-10-1106:49:50
CWE-77
Xiaomi
github.com
xiaomi
router
vulnerability
stack overflow
command injection
cve-2023-26320
command injection vulnerability
special elements.
CVSS3
7.5
Attack Vector
ADJACENT
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
7
Confidence
High
SSVC
Exploitation
none
Automatable
no
Technical Impact
total
Improper Neutralization of Special Elements used in a Command (‘Command Injection’) vulnerability in Xiaomi Xiaomi Router allows Command Injection.
ADP Affected
[
{
"cpes": [
"cpe:2.3:a:xiaomi:xiaomi_router:*:*:*:*:*:*:*:*"
],
"vendor": "xiaomi",
"product": "xiaomi_router",
"versions": [
{
"status": "affected",
"version": "0",
"lessThan": "2023.2",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
}
]Related
cve
cve
CVE-2023-26320
2023-10-11 07:15:10
prion
prion
Command injection
2023-10-11 07:15:00
cvelist
cvelist
nvd
nvd
CVE-2023-26320
2023-10-11 07:15:10
CVSS3
7.5
Attack Vector
ADJACENT
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
7
Confidence
High
SSVC
Exploitation
none
Automatable
no
Technical Impact
total
Related for VULNRICHMENT:CVE-2023-26320