4.9

CVE-2023-31473

Exploit
An issue was discovered on GL.iNet devices before 3.216. There is an arbitrary file write in which an empty file can be created anywhere on the filesystem. This is caused by a command injection vulnerability with a filter applied. Through the software installation feature, it is possible to inject arbitrary parameters in a request to cause opkg to read an arbitrary file name while using root privileges. The -f option can be used with a configuration file.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Gl-inetGl-s20 Firmware Version < 3.216
   Gl-inetGl-s20 Version-
Gl-inetGl-x3000 Firmware Version < 3.216
   Gl-inetGl-x3000 Version-
Gl-inetGl-mt3000 Firmware Version < 3.216
   Gl-inetGl-mt3000 Version-
Gl-inetGl-mt2500 Firmware Version < 3.216
   Gl-inetGl-mt2500 Version-
Gl-inetGl-mt2500a Firmware Version < 3.216
   Gl-inetGl-mt2500a Version-
Gl-inetGl-axt1800 Firmware Version < 3.216
   Gl-inetGl-axt1800 Version-
Gl-inetGl-a1300 Firmware Version < 3.216
   Gl-inetGl-a1300 Version-
Gl-inetGl-ax1800 Firmware Version < 3.216
   Gl-inetGl-ax1800 Version-
Gl-inetGl-sft1200 Firmware Version < 3.216
   Gl-inetGl-sft1200 Version-
Gl-inetGl-mt1300 Firmware Version < 3.216
   Gl-inetGl-mt1300 Version-
Gl-inetGl-e750 Firmware Version < 3.216
   Gl-inetGl-e750 Version-
Gl-inetGl-mv1000 Firmware Version < 3.216
   Gl-inetGl-mv1000 Version-
Gl-inetGl-mv1000w Firmware Version < 3.216
   Gl-inetGl-mv1000w Version-
Gl-inetGl-s10 Firmware Version < 3.216
   Gl-inetGl-s10 Version-
Gl-inetGl-s200 Firmware Version < 3.216
   Gl-inetGl-s200 Version-
Gl-inetGl-s1300 Firmware Version < 3.216
   Gl-inetGl-s1300 Version-
Gl-inetGl-sf1200 Firmware Version < 3.216
   Gl-inetGl-sf1200 Version-
Gl-inetGl-b1300 Firmware Version < 3.216
   Gl-inetGl-b1300 Version-
Gl-inetGl-b2200 Firmware Version < 3.216
   Gl-inetGl-b2200 Version-
Gl-inetGl-ap1300 Firmware Version < 3.216
   Gl-inetGl-ap1300 Version-
Gl-inetGl-ap1300lte Firmware Version < 3.216
   Gl-inetGl-ap1300lte Version-
Gl-inetGl-x1200 Firmware Version < 3.216
   Gl-inetGl-x1200 Version-
Gl-inetGl-x750 Firmware Version < 3.216
   Gl-inetGl-x750 Version-
Gl-inetGl-x300b Firmware Version < 3.216
   Gl-inetGl-x300b Version-
Gl-inetGl-xe300 Firmware Version < 3.216
   Gl-inetGl-xe300 Version-
Gl-inetGl-ar750s Firmware Version < 3.216
   Gl-inetGl-ar750s Version-
Gl-inetGl-ar750 Firmware Version < 3.216
   Gl-inetGl-ar750 Version-
Gl-inetGl-mifi Firmware Version < 3.216
   Gl-inetGl-mifi Version-
Gl-inetGl-mt300n-v2 Firmware Version < 3.216
   Gl-inetGl-mt300n-v2 Version-
Gl-inetGl-ar300m Firmware Version < 3.216
   Gl-inetGl-ar300m Version-
Gl-inetGl-usb150 Firmware Version < 3.216
   Gl-inetGl-usb150 Version-
Gl-inetMicrouter-n300 Firmware Version < 3.216
   Gl-inetMicrouter-n300 Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2.47% 0.85
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4.9 1.2 3.6
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
134c704f-9b21-4f2e-91b3-4a467353bcc0 4.9 1.2 3.6
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
CWE-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')

The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component.

https://www.gl-inet.com
Vendor Advisory