CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-46455

In GL.iNET GL-AR300M routers with firmware v4.3.7 it is possible to write arbitrary files through a path traversal attack in the OpenVPN client file upload functionality.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.509

EPSS Ranking 97.7%

CVSS Severity

CVSS v3 Score 7.5

References

https://cyberaz0r.info/2023/11/glinet-multiple-vulnerabilities/
https://www.gl-inet.com/
https://cyberaz0r.info/2023/11/glinet-multiple-vulnerabilities/
https://www.gl-inet.com/

Products affected by CVE-2023-46455

Gl-Inet » Gl-Ar300m » Version: N/A

cpe:2.3:h:gl-inet:gl-ar300m:-
Gl-Inet » Gl-Ar300m Firmware » Version: 4.3.7

cpe:2.3:o:gl-inet:gl-ar300m_firmware:4.3.7

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-46455

Products

Pricing

Contact Us