Milesight industrial cellular routers information disclosure flaw (CVE-2023-43261)
Vulnerability
Summary
Hide ▲
Show ▼
Attackers are exploiting Milesight industrial cellular routers through CVE-2023-43261, a now-patched information disclosure flaw that exposes SMS-related APIs on some devices. The abuse creates risk of unauthorized SMS sending and message retrieval on exposed routers. SEKOIA said the activity has supported smishing operations since at least February 2022, with a measurable set of publicly reachable devices at risk.
Related Happenings
Post SMTP CVE-2025-11833 exploitation wave
Exploitation Wave
First: 04.11.2025 23:46
Last: 04.11.2025 23:46
Sources 1
About this happening:
**CVE-2025-11833** in the **Post SMTP** WordPress plugin is being actively exploited to hijack administrator accounts, putting **more than 400,000 sites** at risk of **full site c...
Post SMTP CVE-2025-11833 exploitation wave
Exploitation WaveAbout this happening: **CVE-2025-11833** in the **Post SMTP** WordPress plugin is being actively exploited to hijack administrator accounts, putting **more than 400,000 sites** at risk of **full site c...
Milesight industrial cellular router smishing campaign in Europe
Campaign
First: 01.10.2025 14:07
Last: 01.10.2025 14:07
Sources 1
How related:
Unknown threat actors are abusing Milesight industrial cellular routers to send SMS messages as part of a smishing campaign targeting users in European countries since at least February 2022.
About this happening:
The **Milesight industrial cellular router** smishing operation has kept sending malicious SMS messages to **European users** since **at least February 2022**, extending phishing...
Milesight industrial cellular router smishing campaign in Europe
CampaignHow related: Unknown threat actors are abusing Milesight industrial cellular routers to send SMS messages as part of a smishing campaign targeting users in European countries since at least February 2022.
About this happening: The **Milesight industrial cellular router** smishing operation has kept sending malicious SMS messages to **European users** since **at least February 2022**, extending phishing...
Timeline
-
01.10.2025 14:07 2 articles · 7mo ago
Milesight router SMS API abuse linked to European smishing
Initial DisclosureUnknown threat actors are abusing Milesight industrial cellular routers to send malicious SMS messages carrying phishing URLs as part of a smishing campaign targeting users in Sweden, Italy, Belgium, and other European countries. The activity has been observed since at least February 2022 and appears to rely on exposed SMS-related APIs, including access to sending and SMS history features without authentication on some routers, while typosquatted pages impersonate services such as CSAM and eBox.
Show sources
- Hackers Exploit Milesight Routers to Send Phishing SMS to European Users — thehackernews.com — 01.10.2025 14:07
- Hackers Exploit Milesight Routers to Send Phishing SMS to European Users — thehackernews.com — 01.10.2025 14:07