Remote Command Execution Vulnerability in Mingyu Security Gateway
CVE-2023-47356

Currently unrated

Key Information:

Vendor: Mingyu
Status: Mingyu Security Gateway
Vendor: CVE Published:; 17 July 2025

What is CVE-2023-47356?

The Mingyu Security Gateway, prior to version 3.0-5.3p, is susceptible to a remote command execution vulnerability. This flaw is triggered through the log_type parameter in the /log/fw_security.mds endpoint, potentially allowing unauthorized users to execute arbitrary commands on the server, which could lead to significant data compromise and system integrity issues.

References

https://github.com/night-0p/anh/blob/main/MingyuSecurityG...

https://gist.github.com/night-0p/8d414bfef1cb16539da67e12...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 17, 2025
Vulnerability Reserved
Nov 6, 2023