Vulnerability Details : CVE-2023-31477
Potential exploit
A path traversal issue was discovered on GL.iNet devices before 3.216. Through the file sharing feature, it is possible to share an arbitrary directory, such as /tmp or /etc, because there is no server-side restriction to limit sharing to the USB path.
Vulnerability category: Directory traversal
Products affected by CVE-2023-31477
- cpe:2.3:o:gl-inet:gl-mt300n-v2_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:gl-inet:gl-ax1800_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:gl-inet:gl-mt3000_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:gl-inet:gl-s20_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:gl-inet:gl-x3000_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:gl-inet:gl-mt2500_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:gl-inet:gl-mt2500a_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:gl-inet:gl-axt1800_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:gl-inet:gl-a1300_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:gl-inet:gl-sft1200_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:gl-inet:gl-mt1300_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:gl-inet:gl-e750_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:gl-inet:gl-mv1000_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:gl-inet:gl-mv1000w_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:gl-inet:gl-s10_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:gl-inet:gl-s200_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:gl-inet:gl-s1300_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:gl-inet:gl-sf1200_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:gl-inet:gl-b1300_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:gl-inet:gl-b2200_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:gl-inet:gl-ap1300_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:gl-inet:gl-ap1300lte_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:gl-inet:gl-x1200_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:gl-inet:gl-x750_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:gl-inet:gl-x300b_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:gl-inet:gl-xe300_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:gl-inet:gl-ar750s_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:gl-inet:gl-ar750_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:gl-inet:gl-mifi_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:gl-inet:gl-ar300m_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:gl-inet:gl-usb150_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:gl-inet:microuter-n300_firmware:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2023-31477
- EPSS score: 0.24% (probability of exploitation activity in the next 30 days)
- Percentile: ~46% (the proportion of vulnerabilities that are scored at or less)
CVSS scores for CVE-2023-31477
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 3.9 | 3.6 | 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 2025-01-27 |
7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 3.9 | 3.6 | NIST | |
CWE ids for CVE-2023-31477
- The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.
  Assigned by:
  - 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)
  - nvd@nist.gov (Primary)
References for CVE-2023-31477
- https://github.com/gl-inet/CVE-issues/blob/main/3.215/Path_Traversal.md
  CVE-issues/Path_Traversal.md at main · gl-inet/CVE-issues · GitHub (Exploit; Third Party Advisory)
- https://www.gl-inet.com
  GL.iNet - Connecting The World To Secure Wi-Fi (Vendor Advisory)