Gl-Inet: >> Gl-E750 Firmware >> 3.215 Security Vulnerabilities
A vulnerability in GL.iNET GL-E750 Mudi before firmware v3.216 allows authenticated attackers to execute arbitrary code via a crafted POST request.
CVSS Score
7.2
EPSS Score
0.056
Published
2023-06-21
An issue was discovered on GL.iNet devices before 3.216. There is an arbitrary file write in which an empty file can be created anywhere on the filesystem. This is caused by a command injection vulnerability with a filter applied. Through the software installation feature, it is possible to inject arbitrary parameters in a request to cause opkg to read an arbitrary file name while using root privileges. The -f option can be used with a configuration file.
CVSS Score
4.9
EPSS Score
0.016
Published
2023-05-11
An issue was discovered on GL.iNet devices before 3.216. The function guci2_get() found in libglutil.so has a buffer overflow when an item is requested from a UCI context, and the value is pasted into a char pointer to a buffer without checking the size of the buffer.
CVSS Score
9.8
EPSS Score
0.267
Published
2023-05-11
A path traversal issue was discovered on GL.iNet devices before 3.216. Through the file sharing feature, it is possible to share an arbitrary directory, such as /tmp or /etc, because there is no server-side restriction to limit sharing to the USB path.
CVSS Score
7.5
EPSS Score
0.002
Published
2023-05-11
An issue was discovered on GL.iNet devices before 3.216. Through the software installation feature, it is possible to install arbitrary software, such as a reverse shell, because the restrictions on the available package list are limited to client-side verification. It is possible to install software from the filesystem, the package list, or a URL.
CVSS Score
9.8
EPSS Score
0.005
Published
2023-05-10
An issue was discovered on GL.iNet devices before 3.216. An API endpoint reveals information about the Wi-Fi configuration, including the SSID and key.
CVSS Score
7.5
EPSS Score
0.822
Published
2023-05-09
An issue was discovered on GL.iNet devices before 3.216. There is an arbitrary file write in which an empty file can be created anywhere on the filesystem. This is caused by a command injection vulnerability with a filter applied.
CVSS Score
7.5
EPSS Score
0.285
Published
2023-05-09
An issue was discovered on GL.iNet devices before 3.216. Through the software installation feature, it is possible to inject arbitrary parameters in a request to cause opkg to obtain a list of files in a specific directory, by using the regex feature in a package name.
CVSS Score
7.5
EPSS Score
0.002
Published
2023-05-09