A vulnerability has been discovered in Xiaomi routers that could allow command injection through an external interface. This vulnerability arises from inadequate filtering of responses returned from the external interface. Attackers could exploit this vulnerability by hijacking the ISP or an upper-layer router to gain privileges on the Xiaomi router. Successful exploitation of this flaw could permit remote code execution and complete compromise of the device.
References
Link | Resource |
---|---|
https://trust.mi.com/zh-CN/misrc/bulletins/advisory?cveId=529 | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: Xiaomi
Published: 2023-08-02T00:00:00
Updated: 2023-08-02T00:00:00
Reserved: 2023-02-22T00:00:00
Link: CVE-2023-26317
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-08-02T14:15:10.407
Modified: 2023-08-07T16:18:22.053
Link: CVE-2023-26317
JSON object: View
Redhat Information
No data.
CWE