CVE-2023-54329

CRITICAL

inbit_messenger 4.6.0-4.9.0 - Unauthenticated Remote Code Execution via Malicious XML Packet

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2023-54329. PoCs published by a-rey.

AI-analyzed exploit summary This exploit demonstrates an unauthenticated remote command execution vulnerability in Inbit Messenger v4.6.0 to v4.9.0. It leverages a stack overflow in the XML parsing logic to overwrite a function pointer with the address of WinExec, allowing arbitrary command execution.

Description

Inbit Messenger 4.6.0 - 4.9.0 contains a remote command execution vulnerability that allows unauthenticated attackers to execute arbitrary commands by exploiting a stack overflow in the messenger's protocol. Attackers can send specially crafted XML packets to port 10883 with a malicious payload to trigger the vulnerability and execute commands with system privileges.

Exploits (1)

exploitdb WORKING POC
by a-rey · pythonremotewindows
https://www.exploit-db.com/exploits/51127

This exploit demonstrates an unauthenticated remote command execution vulnerability in Inbit Messenger v4.6.0 to v4.9.0. It leverages a stack overflow in the XML parsing logic to overwrite a function pointer with the address of WinExec, allowing arbitrary command execution.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Inbit Messenger v4.6.0 - v4.9.0
No auth needed
Prerequisites: Network access to the target system · Inbit Messenger service running on default or specified port
devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (4)

Core 4

Scores

CVSS v3 9.8
EPSS 0.0103
EPSS Percentile 59.4%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation poc
Automatable yes
Technical Impact total

Details

CWE
CWE-121 CWE-787
Status published
Products (1)
inbit/inbit_messenger 4.6.0 - 4.9.0
Published Jan 13, 2026
Tracked Since Feb 18, 2026