CVE-2023-26319

CVSS 3.1 Score 7.2 of 10 (high)

Details

Published Oct 11, 2023

Updated: Oct 16, 2023

CWE ID 77

Summary

CVE-2023-26319 is a Command Injection vulnerability affecting Xiaomi routers. Hackers can exploit this issue by introducing malicious code through improperly neutralized special elements in commands, allowing them to execute arbitrary commands on the affected device. This vulnerability poses a serious security risk, potentially enabling attackers to take control of the router, intercept traffic, or launch further attacks on connected devices. Users are urged to update their routers to the latest software version to mitigate this threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/s5F2X6
https://www.cve.org/CVERecord?id=CVE-2023-26319
https://nvd.nist.gov/vuln/detail/CVE-2023-26319

Back to Vulnerability Database

CVE-2023-26319

CVSS 3.1 Score 7.2 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations