CVE-2023-26318 - Vulnerability Details - OpenCVE

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in Xiaomi Xiaomi Router allows Overflow Buffers.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact total

Vendors	Products
Mi	Xiaomi Router Ax3200 Xiaomi Router Ax3200 Firmware
Xiaomi	Xiaomi Router

Configuration 1 [-]

AND

cpe:2.3:o:mi:xiaomi_router_ax3200_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:mi:xiaomi_router_ax3200:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://trust.mi.com/misrc/bulletins/advisory?cveId=539

History

Wed, 18 Sep 2024 18:30:00 +0000

Type	Values Removed	Values Added
First Time appeared		Xiaomi Xiaomi xiaomi Router
CPEs		cpe:2.3:a:xiaomi:xiaomi_router::::::::
Vendors & Products		Xiaomi Xiaomi xiaomi Router
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: Xiaomi

Published: 2023-10-11T06:42:16.620Z

Updated: 2024-09-18T18:07:54.806Z

Reserved: 2023-02-22T16:59:28.182Z

Link: CVE-2023-26318

Vulnrichment

Updated: 2024-08-02T11:46:24.460Z

NVD

Status : Modified

Published: 2023-10-11T07:15:09.890

Modified: 2024-11-21T07:51:06.910

Link: CVE-2023-26318

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-26318", "assignerOrgId": "b57733aa-7326-4f07-8e09-0be8e0df1909", "state": "PUBLISHED", "assignerShortName": "Xiaomi", "dateReserved": "2023-02-22T16:59:28.182Z", "datePublished": "2023-10-11T06:42:16.620Z", "dateUpdated": "2024-09-18T18:07:54.806Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Xiaomi Router", "vendor": "Xiaomi", "versions": [{"lessThan": "fw version before 2023.2", "status": "affected", "version": "0", "versionType": "2023.2"}]}], "datePublic": "2023-08-01T02:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in Xiaomi Xiaomi Router allows Overflow Buffers."}], "value": "Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in Xiaomi Xiaomi Router allows Overflow Buffers."}], "impacts": [{"capecId": "CAPEC-100", "descriptions": [{"lang": "en", "value": "CAPEC-100 Overflow Buffers"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-120", "description": "CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "b57733aa-7326-4f07-8e09-0be8e0df1909", "shortName": "Xiaomi", "dateUpdated": "2023-10-11T06:42:16.620Z"}, "references": [{"url": "https://trust.mi.com/misrc/bulletins/advisory?cveId=539"}], "source": {"discovery": "UNKNOWN"}, "title": "Xiaomi router web interface post-authorization stack overflow", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T11:46:24.460Z"}, "title": "CVE Program Container", "references": [{"url": "https://trust.mi.com/misrc/bulletins/advisory?cveId=539", "tags": ["x_transferred"]}]}, {"affected": [{"vendor": "xiaomi", "product": "xiaomi_router", "cpes": ["cpe:2.3:a:xiaomi:xiaomi_router:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "fw_version_before_2023.2", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-09-18T18:04:56.887859Z", "id": "CVE-2023-26318", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-18T18:07:54.806Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://trust.mi.com/misrc/bulletins/advisory?cveId=539", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T11:46:24.460Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-26318", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-09-18T18:04:56.887859Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:xiaomi:xiaomi_router:*:*:*:*:*:*:*:*"], "vendor": "xiaomi", "product": "xiaomi_router", "versions": [{"status": "affected", "version": "0", "lessThan": "fw_version_before_2023.2", "versionType": "custom"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-18T18:07:34.083Z"}}], "cna": {"title": "Xiaomi router web interface post-authorization stack overflow", "source": {"discovery": "UNKNOWN"}, "impacts": [{"capecId": "CAPEC-100", "descriptions": [{"lang": "en", "value": "CAPEC-100 Overflow Buffers"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.7, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Xiaomi", "product": "Xiaomi Router", "versions": [{"status": "affected", "version": "0", "lessThan": "fw version before 2023.2", "versionType": "2023.2"}], "defaultStatus": "unaffected"}], "datePublic": "2023-08-01T02:00:00.000Z", "references": [{"url": "https://trust.mi.com/misrc/bulletins/advisory?cveId=539"}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in Xiaomi Xiaomi Router allows Overflow Buffers.", "supportingMedia": [{"type": "text/html", "value": "Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in Xiaomi Xiaomi Router allows Overflow Buffers.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-120", "description": "CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')"}]}], "providerMetadata": {"orgId": "b57733aa-7326-4f07-8e09-0be8e0df1909", "shortName": "Xiaomi", "dateUpdated": "2023-10-11T06:42:16.620Z"}}}, "cveMetadata": {"cveId": "CVE-2023-26318", "state": "PUBLISHED", "dateUpdated": "2024-09-18T18:07:54.806Z", "dateReserved": "2023-02-22T16:59:28.182Z", "assignerOrgId": "b57733aa-7326-4f07-8e09-0be8e0df1909", "datePublished": "2023-10-11T06:42:16.620Z", "assignerShortName": "Xiaomi"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mi:xiaomi_router_ax3200_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "B83DBDCF-18F3-4653-AFFB-1674EFB12520", "versionEndExcluding": "2023.2", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mi:xiaomi_router_ax3200:-:*:*:*:*:*:*:*", "matchCriteriaId": "2E84167F-E0B9-465F-ACD8-2202FDA73949", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in Xiaomi Xiaomi Router allows Overflow Buffers."}, {"lang": "es", "value": "La vulnerabilidad de copia del b\u00fafer sin verificar el tama\u00f1o de la entrada ('Desbordamiento de b\u00fafer cl\u00e1sico') de Xiaomi en Xiaomi Router permite desbordar b\u00faferes."}], "id": "CVE-2023-26318", "lastModified": "2024-11-21T07:51:06.910", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 0.8, "impactScore": 5.9, "source": "security@xiaomi.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-10-11T07:15:09.890", "references": [{"source": "security@xiaomi.com", "tags": ["Vendor Advisory"], "url": "https://trust.mi.com/misrc/bulletins/advisory?cveId=539"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://trust.mi.com/misrc/bulletins/advisory?cveId=539"}], "sourceIdentifier": "security@xiaomi.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-120"}], "source": "security@xiaomi.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-120"}], "source": "nvd@nist.gov", "type": "Primary"}]}