Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5
CVE-2023-31472
- EPSS 26.69%
- Veröffentlicht 09.05.2023 18:15:14
- Zuletzt bearbeitet 29.01.2025 21:15:19
An issue was discovered on GL.iNet devices before 3.216. There is an arbitrary file write in which an empty file can be created anywhere on the filesystem. This is caused by a command injection vulnerability with a filter applied.
7.5
CVE-2023-31474
- EPSS 0.28%
- Veröffentlicht 09.05.2023 18:15:14
- Zuletzt bearbeitet 29.01.2025 21:15:19
An issue was discovered on GL.iNet devices before 3.216. Through the software installation feature, it is possible to inject arbitrary parameters in a request to cause opkg to obtain a list of files in a specific directory, by using the regex feature...
9.8
CVE-2023-29778
- EPSS 28.16%
- Veröffentlicht 02.05.2023 20:15:10
- Zuletzt bearbeitet 30.01.2025 17:15:14
GL.iNET MT3000 4.1.0 Release 2 is vulnerable to OS Command Injection via /usr/lib/oui-httpd/rpc/logread.