CVE-2023-7311
BYTEVALUE Intelligent Flow Control Router Command Injection
Vexday Risk Score
48Attention
SSVC decision (CISA)
Attend
PoC available → attend closely
CVSS 9.3EPSS 1.9%KEV nãoPoC públicaNuclei —Metasploit —Patch —
Lifecycle
15 Oct 2025Published on NVD
Recommendation: Plan a near-term fix — a public PoC already exists.
BYTEVALUE Intelligent Flow Control Router contains a command injection vulnerability via the /goform/webRead/open endpoint. The `path` parameter is not properly validated and is echoed into a shell context, allowing an attacker to inject and execute arbitrary shell commands on the device. Successful exploitation can lead to writing backdoors, privilege escalation on the host, and full compromise of the router and its management functions. VulnCheck has observed this vulnerability being targeted by the RondoDox botnet campaign.
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
public PoCs found — 3
cve_referenceblog.csdn.net/zkaqlaoniao/article/details/134328873unverifiedcve_referencegithub.com/adysec/nuclei_poc/blob/49c283b2bbb244c071786a2b768fbdde1b91f38e/poc/web/bytevalue_goform_webread_open_rce.yamlunverifiedcve_referenceisc.sans.edu/diary/Exploit+against+Unnamed+Bytevalue+router+vulnerability+included+in+Mirai+Bot/30642unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
References
https://blog.csdn.net/zkaqlaoniao/article/details/134328873https://github.com/adysec/nuclei_poc/blob/49c283b2bbb244c071786a2b768fbdde1b91f38e/poc/web/bytevalue_goform_webread_open_rce.yamlhttps://isc.sans.edu/diary/Exploit+against+Unnamed+Bytevalue+router+vulnerability+included+in+Mirai+Bot/30642https://www.vulncheck.com/advisories/bytevalue-intelligent-flow-control-router-command-injection