High severity8.8NVD Advisory· Published Dec 17, 2025· Updated Apr 15, 2026
CVE-2023-53908
CVE-2023-53908
Description
HiSecOS 04.0.01 contains a privilege escalation vulnerability that allows authenticated users to modify their access role through XML-based NETCONF configuration. Attackers can send crafted XML payloads to the /mops_data endpoint with a specific role value to elevate their user privileges to administrative level.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: = 04.0.01
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.