Lucene search

[email protected]NVD:CVE-2022-31898

HistoryOct 27, 2022 - 6:15 p.m.

CVE-2022-31898

2022-10-2718:15:10

CWE-78

[email protected]

web.nvd.nist.gov

command injection

gl-mt300n-v2

gl-ax1800

ping_addr

trace_addr

vulnerability

6.8 Medium

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

0.001 Low

EPSS

Percentile

28.6%

JSON

gl-inet GL-MT300N-V2 Mango v3.212 and GL-AX1800 Flint v3.214 were discovered to contain multiple command injection vulnerabilities via the ping_addr and trace_addr function parameters.

Affected configurations

NVD

Node

gl-inetgl-mt300n-v2_firmwareMatch3.212

AND

gl-inetgl-mt300n-v2Match-

Node

gl-inetgl-ax1800_firmwareMatch3.214

AND

gl-inetgl-ax1800Match-

References

boschko.ca/glinet-router

6.8 Medium

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

0.001 Low

EPSS

Percentile

28.6%

JSON

Related for NVD:CVE-2022-31898

cve1 githubexploit1 prion1 cvelist1