7.5

CVE-2023-31477

Exploit
A path traversal issue was discovered on GL.iNet devices before 3.216. Through the file sharing feature, it is possible to share an arbitrary directory, such as /tmp or /etc, because there is no server-side restriction to limit sharing to the USB path.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Gl-inetGl-s20 Firmware Version < 3.216
   Gl-inetGl-s20 Version-
Gl-inetGl-x3000 Firmware Version < 3.216
   Gl-inetGl-x3000 Version-
Gl-inetGl-mt3000 Firmware Version < 3.216
   Gl-inetGl-mt3000 Version-
Gl-inetGl-mt2500 Firmware Version < 3.216
   Gl-inetGl-mt2500 Version-
Gl-inetGl-mt2500a Firmware Version < 3.216
   Gl-inetGl-mt2500a Version-
Gl-inetGl-axt1800 Firmware Version < 3.216
   Gl-inetGl-axt1800 Version-
Gl-inetGl-a1300 Firmware Version < 3.216
   Gl-inetGl-a1300 Version-
Gl-inetGl-ax1800 Firmware Version < 3.216
   Gl-inetGl-ax1800 Version-
Gl-inetGl-sft1200 Firmware Version < 3.216
   Gl-inetGl-sft1200 Version-
Gl-inetGl-mt1300 Firmware Version < 3.216
   Gl-inetGl-mt1300 Version-
Gl-inetGl-e750 Firmware Version < 3.216
   Gl-inetGl-e750 Version-
Gl-inetGl-mv1000 Firmware Version < 3.216
   Gl-inetGl-mv1000 Version-
Gl-inetGl-mv1000w Firmware Version < 3.216
   Gl-inetGl-mv1000w Version-
Gl-inetGl-s10 Firmware Version < 3.216
   Gl-inetGl-s10 Version-
Gl-inetGl-s200 Firmware Version < 3.216
   Gl-inetGl-s200 Version-
Gl-inetGl-s1300 Firmware Version < 3.216
   Gl-inetGl-s1300 Version-
Gl-inetGl-sf1200 Firmware Version < 3.216
   Gl-inetGl-sf1200 Version-
Gl-inetGl-b1300 Firmware Version < 3.216
   Gl-inetGl-b1300 Version-
Gl-inetGl-b2200 Firmware Version < 3.216
   Gl-inetGl-b2200 Version-
Gl-inetGl-ap1300 Firmware Version < 3.216
   Gl-inetGl-ap1300 Version-
Gl-inetGl-ap1300lte Firmware Version < 3.216
   Gl-inetGl-ap1300lte Version-
Gl-inetGl-x1200 Firmware Version < 3.216
   Gl-inetGl-x1200 Version-
Gl-inetGl-x750 Firmware Version < 3.216
   Gl-inetGl-x750 Version-
Gl-inetGl-x300b Firmware Version < 3.216
   Gl-inetGl-x300b Version-
Gl-inetGl-xe300 Firmware Version < 3.216
   Gl-inetGl-xe300 Version-
Gl-inetGl-ar750s Firmware Version < 3.216
   Gl-inetGl-ar750s Version-
Gl-inetGl-ar750 Firmware Version < 3.216
   Gl-inetGl-ar750 Version-
Gl-inetGl-mifi Firmware Version < 3.216
   Gl-inetGl-mifi Version-
Gl-inetGl-mt300n-v2 Firmware Version < 3.216
   Gl-inetGl-mt300n-v2 Version-
Gl-inetGl-ar300m Firmware Version < 3.216
   Gl-inetGl-ar300m Version-
Gl-inetGl-usb150 Firmware Version < 3.216
   Gl-inetGl-usb150 Version-
Gl-inetMicrouter-n300 Firmware Version < 3.216
   Gl-inetMicrouter-n300 Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.31% 0.539
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 3.9 3.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.5 3.9 3.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

https://www.gl-inet.com
Vendor Advisory