CRITICAL🇵🇱 Wersja polska

CVE-2023-46456

CVSS 9.8v3.1pub. 2023-12-12upd. 2024-11-21

In GL.iNET GL-AR300M routers with firmware 3.216 it is possible to inject arbitrary shell commands through the OpenVPN client file upload functionality.

🤖 AI Analysis
How it works

An attacker uploads a specially crafted OpenVPN configuration file through the upload function interface in the router. The data contained in the file is not properly validated or filtered before being passed to the system command interpreter. As a result, malicious commands embedded in the file are executed directly by the device's operating system with the privileges of the process handling this functionality.

Impact

An attacker can gain full control over the device by remotely executing arbitrary system commands, which leads to breach of confidentiality, integrity and availability of the router and potentially the entire network behind it.

Mitigation & patch

Patches available from the manufacturer should be applied in accordance with the references. It is recommended to check for newer firmware versions on the manufacturer's website (gl-inet.com) and implement it immediately. Until the update is applied, consider disabling the OpenVPN configuration file upload function or restricting access to the device management interface to trusted hosts only.

Who is affected

GL.iNET GL-AR300M routers with installed firmware version 3.216.

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Gl Inet Gl Ar300m

    HW
    Gl-Inet
    wszystkie wersje
  • Gl Inet Gl Ar300m Firmware

    OS
    Gl-Inet
    3.216
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
VPN
CWE
References

Related vulnerabilities

CVE-2023-50919CRITICAL9.8PL ✓ten sam produkt

GL.iNet — Authentication Bypass w NGINX przez dopasowanie wzorców Lua

CVE-2023-50921CRITICAL9.8PL ✓ten sam produkt

GL.iNet: privilege escalation przez interfejs add_user do uprawnień root

CVE-2023-46454CRITICAL9.8PL ✓ten sam produkt

Command injection w routerach GL.iNET GL-AR300M przez nazwę pakietu

CVE-2023-31475CRITICAL9.8ten sam produkt

An issue was discovered on GL.iNet devices before 3.216. The function guci2_get() found in libglutil.so has a ...

CVE-2023-31471CRITICAL9.8ten sam produkt

An issue was discovered on GL.iNet devices before 3.216. Through the software installation feature, it is poss...