CVE-2023-31472

CVSS 7.5 HIGHEPSS 19.9%CWE-770

An issue was discovered on GL.iNet devices before 3.216. There is an arbitrary file write in which an empty file can be created anywhere on the filesystem. This is caused by a command injection vulnerability with a filter applied.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Produtos afetados

n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://github.com/gl-inet/CVE-issues/blob/main/3.215/Arbitrary_File_Creation.md https://www.gl-inet.com