CVE-2023-7311
CRITICAL EXPLOITED
BYTEVALUE Intelligent Flow Control Router - Command Injection
Title source: llm
Exploitation Summary
CVE-2023-7311 has been observed exploited in the wild (reported by VulnCheck KEV).
Description
BYTEVALUE Intelligent Flow Control Router contains a command injection vulnerability via the /goform/webRead/open endpoint. The `path` parameter is not properly validated and is echoed into a shell context, allowing an attacker to inject and execute arbitrary shell commands on the device. Successful exploitation can lead to writing backdoors, privilege escalation on the host, and full compromise of the router and its management functions. VulnCheck has observed this vulnerability being targeted by the RondoDox botnet campaign.
References (4)
Core References
Various Sources exploit
https://github.com/adysec/nuclei_poc/blob/49c283b2bbb244c071786a2b768fbdde1b91f38e/poc/web/bytevalue_goform_webread_open_rce.yaml
Various Sources technical-description
exploit
https://isc.sans.edu/diary/Exploit+against+Unnamed+Bytevalue+router+vulnerability+included+in+Mirai+Bot/30642
Various Sources technical-description
exploit
https://blog.csdn.net/zkaqlaoniao/article/details/134328873
Third Party Advisory third-party-advisory
https://www.vulncheck.com/advisories/bytevalue-intelligent-flow-control-router-command-injection
Scores
CVSS v4
9.3
EPSS
0.0193
EPSS Percentile
77.4%
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
yes
Technical Impact
total
Details
VulnCheck KEV
2024-02-12
CWE
CWE-78
Status
published
Products (1)
BYTEVALUE (Luoyang Baiwei Intelligent Technology Co., Ltd.)/Flow Control Router
Published
Oct 15, 2025
Tracked Since
Feb 18, 2026