CVE-2023-26317

Name of the Vulnerable Software and Affected Versions Xiaomi routers (affected versions not specified)

Description The issue is caused by inadequate filtering of responses from external interfaces, leading to command injection. Attackers can exploit this by hijacking the ISP or upper-layer routing to gain access to the router. Successful exploitation could permit remote code execution and complete compromise of the device.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.