CVE-2023-54329
Published: 13 January 2026
Summary
CVE-2023-54329 is a critical-severity Stack-based Buffer Overflow (CWE-121) vulnerability in Inbit Inbit Messenger. Its CVSS base score is 9.8 (Critical).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked in the top 28.7% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 SC-7 (Boundary Protection) and SI-10 (Information Input Validation).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)AI
Directly remediates the stack overflow vulnerability (CWE-121/CWE-787) in Inbit Messenger versions 4.6.0-4.9.0 by applying patches or updates to eliminate the RCE flaw.
Prevents unauthenticated remote attackers from reaching TCP port 10883 by enforcing boundary protections such as firewalls to block crafted XML packets.
Stops exploitation of the protocol stack overflow by validating specially crafted XML packet inputs to ensure they do not exceed buffer bounds.
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Unauthenticated remote command execution via crafted XML packets to TCP port 10883 on public-facing Inbit Messenger enables exploitation of public-facing applications.
NVD Description
Inbit Messenger 4.6.0 - 4.9.0 contains a remote command execution vulnerability that allows unauthenticated attackers to execute arbitrary commands by exploiting a stack overflow in the messenger's protocol. Attackers can send specially crafted XML packets to port 10883 with a…
more
malicious payload to trigger the vulnerability and execute commands with system privileges.
Deeper analysisAI
CVE-2023-54329 is a remote command execution vulnerability affecting Inbit Messenger versions 4.6.0 through 4.9.0. The flaw stems from a stack overflow in the messenger's protocol, classified under CWE-121 (Stack-based Buffer Overflow) and CWE-787 (Out-of-bounds Write). It has a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), indicating critical severity with network accessibility, low complexity, no privileges or user interaction required.
Unauthenticated attackers can exploit this vulnerability by sending specially crafted XML packets to TCP port 10883 on a vulnerable Inbit Messenger instance. Successful exploitation triggers the stack overflow, enabling arbitrary command execution with system privileges on the target host.
Advisories and resources, including those from VulnCheck (https://www.vulncheck.com/advisories/inbit-messenger-unauthenticated-remote-command-execution-rce), Exploit-DB (https://www.exploit-db.com/exploits/51127), and GitHub writeups (https://github.com/a-rey/exploits/blob/main/writeups/Inbit_Messenger/v4.6.0/writeup.md), document the issue and provide exploit details for analysis. Security practitioners should review these for reproduction steps and apply any available updates or network controls to mitigate exposure on port 10883.
Details
- CWE(s)