CVE-2023-26319: Xiaomi Router administration interface vulnerability leads command injection and stack overflow
First published: Wed Oct 11 2023(Updated: )
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in Xiaomi Xiaomi Router allows Command Injection.
Credit: security@xiaomi.com security@xiaomi.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Mi Xiaomi Router Ax3200 Firmware | <2023.2 | |
| Mi Xiaomi Router Ax3200 | ||
| All of | ||
| Mi Xiaomi Router Ax3200 Firmware | <2023.2 | |
| Mi Xiaomi Router Ax3200 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the CVE ID of this vulnerability?
The CVE ID of this vulnerability is CVE-2023-26319.
What is the title of this vulnerability?
The title of this vulnerability is 'Improper Neutralization of Special Elements used in a Command (Command Injection) vulnerability in Xiaomi Xiaomi Router allows Command Injection.'
What is the severity of CVE-2023-26319?
The severity of CVE-2023-26319 is high with a severity value of 7.2.
Which software is affected by CVE-2023-26319?
The Mi Xiaomi Router Ax3200 Firmware with versions up to exclusive 2023.2 is affected by CVE-2023-26319.
How can I fix CVE-2023-26319?
Apply the latest firmware update provided by Xiaomi to fix CVE-2023-26319.
- collector/nvd-index
- agent/author
- agent/type
- agent/softwarecombine
- agent/title
- agent/severity
- agent/references
- agent/description
- agent/first-publish-date
- agent/event
- agent/tags
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/weakness
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- vendor/mi
- canonical/mi xiaomi router ax3200 firmware
- canonical/mi xiaomi router ax3200