7.5
HIGH
CVE-2023-31474
GL.iNet Opkg Regex Injection Vulnerability
Description

An issue was discovered on GL.iNet devices before 3.216. Through the software installation feature, it is possible to inject arbitrary parameters in a request to cause opkg to obtain a list of files in a specific directory, by using the regex feature in a package name.

INFO

Published Date :

May 9, 2023, 6:15 p.m.

Last Modified :

Nov. 21, 2024, 8:01 a.m.

Remotely Exploitable :

Yes !

Impact Score :

3.6

Exploitability Score :

3.9
Affected Products

The following products are affected by CVE-2023-31474 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

ID Vendor Product Action
1 Gl-inet gl-e750_firmware
2 Gl-inet gl-mt3000_firmware
3 Gl-inet gl-mt1300_firmware
4 Gl-inet gl-mt300n-v2_firmware
5 Gl-inet gl-ar750s_firmware
6 Gl-inet gl-ar750_firmware
7 Gl-inet gl-ar300m_firmware
8 Gl-inet gl-b1300_firmware
9 Gl-inet gl-a1300_firmware
10 Gl-inet gl-ax1800_firmware
11 Gl-inet gl-axt1800_firmware
12 Gl-inet gl-mt2500_firmware
13 Gl-inet gl-mv1000w_firmware
14 Gl-inet gl-mv1000_firmware
15 Gl-inet gl-s20_firmware
16 Gl-inet gl-x3000_firmware
17 Gl-inet gl-mt2500a_firmware
18 Gl-inet gl-sft1200_firmware
19 Gl-inet gl-s10_firmware
20 Gl-inet gl-s200_firmware
21 Gl-inet gl-s1300_firmware
22 Gl-inet gl-sf1200_firmware
23 Gl-inet gl-b2200_firmware
24 Gl-inet gl-ap1300_firmware
25 Gl-inet gl-ap1300lte_firmware
26 Gl-inet gl-x1200_firmware
27 Gl-inet gl-x750_firmware
28 Gl-inet gl-x300b_firmware
29 Gl-inet gl-xe300_firmware
30 Gl-inet gl-mifi_firmware
31 Gl-inet gl-usb150_firmware
32 Gl-inet microuter-n300_firmware
33 Gl-inet gl-mt1300
34 Gl-inet gl-mt300n-v2
35 Gl-inet gl-ar750s
36 Gl-inet gl-ar750
37 Gl-inet gl-ar300m
38 Gl-inet gl-b1300
39 Gl-inet gl-a1300
40 Gl-inet gl-ax1800
41 Gl-inet gl-axt1800
42 Gl-inet gl-mt3000
43 Gl-inet gl-mt2500
44 Gl-inet gl-mv1000w
45 Gl-inet gl-mv1000
46 Gl-inet gl-s20
47 Gl-inet gl-x3000
48 Gl-inet gl-mt2500a
49 Gl-inet gl-sft1200
50 Gl-inet gl-e750
51 Gl-inet gl-s10
52 Gl-inet gl-s200
53 Gl-inet gl-s1300
54 Gl-inet gl-sf1200
55 Gl-inet gl-b2200
56 Gl-inet gl-ap1300
57 Gl-inet gl-ap1300lte
58 Gl-inet gl-x1200
59 Gl-inet gl-x750
60 Gl-inet gl-x300b
61 Gl-inet gl-xe300
62 Gl-inet gl-mifi
63 Gl-inet gl-usb150
64 Gl-inet microuter-n300
References to Advisories, Solutions, and Tools

Here, you will find a curated list of external links that provide in-depth information, practical solutions, and valuable tools related to CVE-2023-31474.

URL Resource
https://github.com/gl-inet/CVE-issues/blob/main/3.215/Directory_Listing.md Exploit
https://www.gl-inet.com Vendor Advisory
https://github.com/gl-inet/CVE-issues/blob/main/3.215/Directory_Listing.md Exploit
https://www.gl-inet.com Vendor Advisory

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2023-31474 vulnerability anywhere in the article.

The following table lists the changes that have been made to the CVE-2023-31474 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

  • CVE Modified by af854a3a-2127-422b-91ae-364da2661108

    Nov. 21, 2024

    Action Type Old Value New Value
    Added Reference https://github.com/gl-inet/CVE-issues/blob/main/3.215/Directory_Listing.md
    Added Reference https://www.gl-inet.com
  • CVE Modified by [email protected]

    May. 14, 2024

    Action Type Old Value New Value
  • Initial Analysis by [email protected]

    May. 16, 2023

    Action Type Old Value New Value
    Added CVSS V3.1 NIST AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
    Changed Reference Type https://github.com/gl-inet/CVE-issues/blob/main/3.215/Directory_Listing.md No Types Assigned https://github.com/gl-inet/CVE-issues/blob/main/3.215/Directory_Listing.md Exploit
    Changed Reference Type https://www.gl-inet.com No Types Assigned https://www.gl-inet.com Vendor Advisory
    Added CWE NIST NVD-CWE-noinfo
    Added CPE Configuration AND OR *cpe:2.3:o:gl-inet:gl-s20_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 3.216 OR cpe:2.3:h:gl-inet:gl-s20:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:gl-inet:gl-x3000_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 3.216 OR cpe:2.3:h:gl-inet:gl-x3000:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:gl-inet:gl-mt3000_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 3.216 OR cpe:2.3:h:gl-inet:gl-mt3000:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:gl-inet:gl-mt2500_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 3.216 OR cpe:2.3:h:gl-inet:gl-mt2500:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:gl-inet:gl-mt2500a_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 3.216 OR cpe:2.3:h:gl-inet:gl-mt2500a:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:gl-inet:gl-axt1800_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 3.216 OR cpe:2.3:h:gl-inet:gl-axt1800:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:gl-inet:gl-a1300_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 3.216 OR cpe:2.3:h:gl-inet:gl-a1300:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:gl-inet:gl-ax1800_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 3.216 OR cpe:2.3:h:gl-inet:gl-ax1800:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:gl-inet:gl-sft1200_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 3.216 OR cpe:2.3:h:gl-inet:gl-sft1200:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:gl-inet:gl-mt1300_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 3.216 OR cpe:2.3:h:gl-inet:gl-mt1300:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:gl-inet:gl-e750_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 3.216 OR cpe:2.3:h:gl-inet:gl-e750:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:gl-inet:gl-mv1000_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 3.216 OR cpe:2.3:h:gl-inet:gl-mv1000:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:gl-inet:gl-mv1000w_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 3.216 OR cpe:2.3:h:gl-inet:gl-mv1000w:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:gl-inet:gl-s10_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 3.216 OR cpe:2.3:h:gl-inet:gl-s10:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:gl-inet:gl-s200_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 3.216 OR cpe:2.3:h:gl-inet:gl-s200:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:gl-inet:gl-s1300_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 3.216 OR cpe:2.3:h:gl-inet:gl-s1300:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:gl-inet:gl-sf1200_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 3.216 OR cpe:2.3:h:gl-inet:gl-sf1200:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:gl-inet:gl-b1300_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 3.216 OR cpe:2.3:h:gl-inet:gl-b1300:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:gl-inet:gl-b2200_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 3.216 OR cpe:2.3:h:gl-inet:gl-b2200:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:gl-inet:gl-ap1300_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 3.216 OR cpe:2.3:h:gl-inet:gl-ap1300:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:gl-inet:gl-ap1300lte_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 3.216 OR cpe:2.3:h:gl-inet:gl-ap1300lte:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:gl-inet:gl-x1200_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 3.216 OR cpe:2.3:h:gl-inet:gl-x1200:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:gl-inet:gl-x750_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 3.216 OR cpe:2.3:h:gl-inet:gl-x750:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:gl-inet:gl-x300b_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 3.216 OR cpe:2.3:h:gl-inet:gl-x300b:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:gl-inet:gl-xe300_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 3.216 OR cpe:2.3:h:gl-inet:gl-xe300:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:gl-inet:gl-ar750s_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 3.216 OR cpe:2.3:h:gl-inet:gl-ar750s:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:gl-inet:gl-ar750_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 3.216 OR cpe:2.3:h:gl-inet:gl-ar750:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:gl-inet:gl-mifi_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 3.216 OR cpe:2.3:h:gl-inet:gl-mifi:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:gl-inet:gl-mt300n-v2_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 3.216 OR cpe:2.3:h:gl-inet:gl-mt300n-v2:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:gl-inet:gl-ar300m_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 3.216 OR cpe:2.3:h:gl-inet:gl-ar300m:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:gl-inet:gl-usb150_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 3.216 OR cpe:2.3:h:gl-inet:gl-usb150:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:gl-inet:microuter-n300_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 3.216 OR cpe:2.3:h:gl-inet:microuter-n300:-:*:*:*:*:*:*:*
EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days. Following chart shows the EPSS score history of the vulnerability.
CWE - Common Weakness Enumeration

While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2023-31474 is associated with the following CWEs:

Common Attack Pattern Enumeration and Classification (CAPEC)

Common Attack Pattern Enumeration and Classification (CAPEC) stores attack patterns, which are descriptions of the common attributes and approaches employed by adversaries to exploit the CVE-2023-31474 weaknesses.

Exploit Prediction

EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days.

0.20 }} 0.03%

score

0.57161

percentile

CVSS31 - Vulnerability Scoring System
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability