216.73.216.133

CVE-2023-54329

· Published 13/01/2026 23:15 · Modified 14/01/2026 20:16

Labels: CVE-2023-54329 2026-01-13CVE-2023-54329CWE-121[email protected]

Essential information

Published
13/01/2026 23:15
Modified
14/01/2026 20:16
Author
Creator
CVSS
9.3 CRITICAL (v3) 9.3 CRITICAL (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

Inbit Messenger 4.6.0 - 4.9.0 contains a remote command execution vulnerability that allows unauthenticated attackers to execute arbitrary commands by exploiting a stack overflow in the messenger's protocol. Attackers can send specially crafted XML packets to port 10883 with a malicious payload to trigger the vulnerability and execute commands with system privileges.

NVD status

Status
Awaiting Analysis — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
inbit / messenger cpe:2.3:a:inbit:messenger:4.6.0-4.9.0:*:*:*:*:*:*:*

References