Lucene search
+L

4 matches found

osv
osv
added 2023/05/09 6:15 p.m.5 views

CVE-2023-31474

An issue was discovered on GL.iNet devices before 3.216. Through the software installation feature, it is possible to inject arbitrary parameters in a request to cause opkg to obtain a list of files in a specific directory, by using the regex feature in a package name...

7.5CVSS5.9AI score0.00822EPSS
Exploits1References2
vulnrichment
vulnrichment
added 2023/05/09 12:0 a.m.11 views

CVE-2023-31474

An issue was discovered on GL.iNet devices before 3.216. Through the software installation feature, it is possible to inject arbitrary parameters in a request to cause opkg to obtain a list of files in a specific directory, by using the regex feature in a package name...

7.5AI score0.00822EPSS
Exploits1References2
cvelist
cvelist
added 2023/05/09 12:0 a.m.40 views

CVE-2023-31474

An issue was discovered on GL.iNet devices before 3.216. Through the software installation feature, it is possible to inject arbitrary parameters in a request to cause opkg to obtain a list of files in a specific directory, by using the regex feature in a package name...

7.7AI score0.00822EPSS
Exploits1References2
cve
cve
added 2023/05/09 12:0 a.m.743 views

CVE-2023-31474

GL.iNet devices before 3.216 are affected by CVE-2023-31474 due to a flaw in the software installation feature that lets an attacker inject arbitrary parameters via a regex in a package name, causing opkg to list files in a target directory. The issue stems from how package-name regex handling ca...

7.5CVSS7.5AI score0.00822EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder