CVE-2023-50445
GL.iNet Unauthenticated Remote Command Execution
Severity Score
7.8
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
1
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
Track*
*SSVC
Descriptions
Shell Injection vulnerability GL.iNet A1300 v4.4.6, AX1800 v4.4.6, AXT1800 v4.4.6, MT3000 v4.4.6, MT2500 v4.4.6, MT6000 v4.5.0, MT1300 v4.3.7, MT300N-V2 v4.3.7, AR750S v4.3.7, AR750 v4.3.7, AR300M v4.3.7, and B1300 v4.3.7., allows local attackers to execute arbitrary code via the get_system_log and get_crash_log functions of the logread module, as well as the upgrade_online function of the upgrade module.
Vulnerabilidad de inyección de Shell
GL.iNet A1300 v4.4.6
AX1800 v4.4.6
AXT1800 v4.4.6
MT3000 v4.4.6
MT2500 v4.4.6
MT6000 v4.5.0
MT1300 v4.3.7
MT300N-V2 v4.3.7
AR750S v4 .3.7
AR750 v4.3.7
AR300M v4.3.7
B1300 v4.3.7.
Permite a atacantes locales ejecutar código de su elección a través de las funciones get_system_log y get_crash_log del módulo logread, así como la función Upgrade_online del módulo de actualización.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:Track*
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2023-12-10 CVE Reserved
- 2023-12-28 CVE Published
- 2023-12-28 EPSS Updated
- 2024-08-02 CVE Updated
- 2024-08-02 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection')
- CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CAPEC
References (5)
| URL | Date | SRC |
|---|---|---|
| https://github.com/gl-inet/CVE-issues/blob/main/4.0.0/Using%20Shell%20Metacharacter%20Injection%20via%20API.md | 2024-08-02 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Gl-inet Search vendor "Gl-inet" | Gl-mt1300 Firmware Search vendor "Gl-inet" for product "Gl-mt1300 Firmware" | 4.3.7 Search vendor "Gl-inet" for product "Gl-mt1300 Firmware" and version "4.3.7" | - |
Affected
| in | Gl-inet Search vendor "Gl-inet" | Gl-mt1300 Search vendor "Gl-inet" for product "Gl-mt1300" | - | - |
Safe
|
| Gl-inet Search vendor "Gl-inet" | Gl-mt300n-v2 Firmware Search vendor "Gl-inet" for product "Gl-mt300n-v2 Firmware" | 4.3.7 Search vendor "Gl-inet" for product "Gl-mt300n-v2 Firmware" and version "4.3.7" | - |
Affected
| in | Gl-inet Search vendor "Gl-inet" | Gl-mt300n-v2 Search vendor "Gl-inet" for product "Gl-mt300n-v2" | - | - |
Safe
|
| Gl-inet Search vendor "Gl-inet" | Gl-ar750s Firmware Search vendor "Gl-inet" for product "Gl-ar750s Firmware" | 4.3.7 Search vendor "Gl-inet" for product "Gl-ar750s Firmware" and version "4.3.7" | - |
Affected
| in | Gl-inet Search vendor "Gl-inet" | Gl-ar750s Search vendor "Gl-inet" for product "Gl-ar750s" | - | - |
Safe
|
| Gl-inet Search vendor "Gl-inet" | Gl-ar750 Firmware Search vendor "Gl-inet" for product "Gl-ar750 Firmware" | 4.3.7 Search vendor "Gl-inet" for product "Gl-ar750 Firmware" and version "4.3.7" | - |
Affected
| in | Gl-inet Search vendor "Gl-inet" | Gl-ar750 Search vendor "Gl-inet" for product "Gl-ar750" | - | - |
Safe
|
| Gl-inet Search vendor "Gl-inet" | Gl-ar300m Firmware Search vendor "Gl-inet" for product "Gl-ar300m Firmware" | 4.3.7 Search vendor "Gl-inet" for product "Gl-ar300m Firmware" and version "4.3.7" | - |
Affected
| in | Gl-inet Search vendor "Gl-inet" | Gl-ar300m Search vendor "Gl-inet" for product "Gl-ar300m" | - | - |
Safe
|
| Gl-inet Search vendor "Gl-inet" | Gl-b1300 Firmware Search vendor "Gl-inet" for product "Gl-b1300 Firmware" | 4.3.7 Search vendor "Gl-inet" for product "Gl-b1300 Firmware" and version "4.3.7" | - |
Affected
| in | Gl-inet Search vendor "Gl-inet" | Gl-b1300 Search vendor "Gl-inet" for product "Gl-b1300" | - | - |
Safe
|
| Gl-inet Search vendor "Gl-inet" | Gl-mt6000 Firmware Search vendor "Gl-inet" for product "Gl-mt6000 Firmware" | 4.5.0 Search vendor "Gl-inet" for product "Gl-mt6000 Firmware" and version "4.5.0" | - |
Affected
| in | Gl-inet Search vendor "Gl-inet" | Gl-mt6000 Search vendor "Gl-inet" for product "Gl-mt6000" | - | - |
Safe
|
| Gl-inet Search vendor "Gl-inet" | Gl-a1300 Firmware Search vendor "Gl-inet" for product "Gl-a1300 Firmware" | 4.4.6 Search vendor "Gl-inet" for product "Gl-a1300 Firmware" and version "4.4.6" | - |
Affected
| in | Gl-inet Search vendor "Gl-inet" | Gl-a1300 Search vendor "Gl-inet" for product "Gl-a1300" | - | - |
Safe
|
| Gl-inet Search vendor "Gl-inet" | Gl-ax1800 Firmware Search vendor "Gl-inet" for product "Gl-ax1800 Firmware" | 4.4.6 Search vendor "Gl-inet" for product "Gl-ax1800 Firmware" and version "4.4.6" | - |
Affected
| in | Gl-inet Search vendor "Gl-inet" | Gl-ax1800 Search vendor "Gl-inet" for product "Gl-ax1800" | - | - |
Safe
|
| Gl-inet Search vendor "Gl-inet" | Gl-axt1800 Firmware Search vendor "Gl-inet" for product "Gl-axt1800 Firmware" | 4.4.6 Search vendor "Gl-inet" for product "Gl-axt1800 Firmware" and version "4.4.6" | - |
Affected
| in | Gl-inet Search vendor "Gl-inet" | Gl-axt1800 Search vendor "Gl-inet" for product "Gl-axt1800" | - | - |
Safe
|
| Gl-inet Search vendor "Gl-inet" | Gl-mt3000 Firmware Search vendor "Gl-inet" for product "Gl-mt3000 Firmware" | 4.4.6 Search vendor "Gl-inet" for product "Gl-mt3000 Firmware" and version "4.4.6" | - |
Affected
| in | Gl-inet Search vendor "Gl-inet" | Gl-mt3000 Search vendor "Gl-inet" for product "Gl-mt3000" | - | - |
Safe
|
| Gl-inet Search vendor "Gl-inet" | Gl-mt2500 Firmware Search vendor "Gl-inet" for product "Gl-mt2500 Firmware" | 4.4.6 Search vendor "Gl-inet" for product "Gl-mt2500 Firmware" and version "4.4.6" | - |
Affected
| in | Gl-inet Search vendor "Gl-inet" | Gl-mt2500 Search vendor "Gl-inet" for product "Gl-mt2500" | - | - |
Safe
|