CVE-2023-26318 MEDIUM

CVE-2023-26318: Xiaomi router web interface post-authorization stack overflow

Vendor Xiaomi
Product Xiaomi Router
Weakness CWE-120
Published October 11, 2023
Last update September 18, 2024

CVSS base score

6.7/10
Attack vector Local
Attack complexity Low
Privileges required High
User interaction None
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

What the vulnerability does

01Description

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in Xiaomi Xiaomi Router allows Overflow Buffers.

Key dates

02Disclosure timeline

October 11, 2023 CVE published
September 18, 2024 Record updated