Lucene search

K

MitreCVELIST:CVE-2023-31474

HistoryMay 09, 2023 - 12:00 a.m.

CVE-2023-31474

2023-05-0900:00:00

mitre

www.cve.org

3

cve-2023-31474

software installation

arbitrary parameters

opkg

directory

regex feature

EPSS

0.001

Percentile

48.5%

An issue was discovered on GL.iNet devices before 3.216. Through the software installation feature, it is possible to inject arbitrary parameters in a request to cause opkg to obtain a list of files in a specific directory, by using the regex feature in a package name.

References

github.com/gl-inet/CVE-issues/blob/main/3.215/Directory_Listing.md

www.gl-inet.com

EPSS

0.001

Percentile

48.5%

Related for CVELIST:CVE-2023-31474

cve1 prion1 nvd1