1 results (0.006 seconds)
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-46456 – GL.iNet AR300M 3.216 Remote Code Execution
https://notcve.org/view.php?id=CVE-2023-46456
In GL.iNET GL-AR300M routers with firmware 3.216 it is possible to inject arbitrary shell commands through the OpenVPN client file upload functionality. En los routers GL.iNET GL-AR300M con firmware 3.216 es posible inyectar comandos de shell arbitrarios a través de la funcionalidad de carga de archivos del cliente OpenVPN. GL.iNet AR300M versions 3.216 and below suffer from an OpenVPN client related remote code execution vulnerability. • https://cyberaz0r.info/2023/11/glinet-multiple-vulnerabilities https://www.gl-inet.com • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •