PT-2026-2419 · Inbit · Inbit Messenger

A-Rey

Publicado

2026-01-13

Atualizado

2026-01-30

CVE-2023-54329

CVSS v3.1

9.8

Crítica

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Inbit Messenger versions 4.6.0 through 4.9.0

Description Inbit Messenger versions 4.6.0 through 4.9.0 have a remote command execution issue. Unauthenticated attackers can execute arbitrary commands by exploiting a stack overflow in the messenger's protocol. Attackers can send specially crafted XML packets to port 10883 with a malicious payload to trigger the issue and execute commands with system privileges.

Recommendations Update Inbit Messenger to a version later than 4.9.0.

Exploit

Correção

Stack Overflow

Memory Corruption

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-121CWE-787

Identificadores relacionados

CVE-2023-54329

Produtos afetados

Inbit Messenger

PT-2026-2419 · Inbit · Inbit Messenger

CVE-2023-54329

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 9