CVE-2023-46455
CVE-2023-46455
Vexday Risk Score
30Low
SSVC decision (CISA)
Attend
PoC available → attend closely
CVSS —EPSS 47.0%KEV nãoPoC —Nuclei simMetasploit —Patch —
Lifecycle
12 Dec 2023Published on NVD
Recommendation: Plan a near-term fix — a public PoC already exists.
In GL.iNET GL-AR300M routers with firmware v4.3.7 it is possible to write arbitrary files through a path traversal attack in the OpenVPN client file upload functionality.
Affected products
n/a · n/aWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →