Lucene search
+L

5 matches found

VulnCheck KEV
VulnCheck KEV
added 2025/09/03 12:0 a.m.11 views

VulnCheck KEV: CVE-2023-50919

An issue was discovered on GL.iNet devices before version 4.5.0. There is an NGINX authentication bypass via Lua string pattern matching. This affects A1300 4.4.6, AX1800 4.4.6, AXT1800 4.4.6, MT3000 4.4.6, MT2500 4.4.6, MT6000 4.5.0, MT1300 4.3.7, MT300N-V2 4.3.7, AR750S 4.3.7, AR750 4.3.7, AR30...

9.8CVSS5.8AI score0.47804EPSS
In wildExploits4References2
Metasploit
Metasploit
added 2024/01/24 7:49 p.m.643 views

GL.iNet Unauthenticated Remote Command Execution via the logread module.

A command injection vulnerability exists in multiple GL.iNet network products, allowing an attacker to inject and execute arbitrary shell commands via JSON parameters at the glsystemlog and glcrashlog interface in the logread module. This exploit requires post-authentication using the Admin-Token...

9.8CVSS9.2AI score0.47804EPSS
Exploits5
Packet Storm
Packet Storm
added 2024/01/24 12:0 a.m.595 views

GL.iNet Unauthenticated Remote Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'digest/md5' class MetasploitModule 'GL.iNet Unauthenticated Remote Command Execution via the logread module.', 'Description' = %q A command injection...

9.8CVSS7.4AI score0.47804EPSS
Exploits5
Circl
Circl
added 2024/01/12 9:26 a.m.14 views

CVE-2023-50919

creationtimestamp| type| source ---|---|--- 2024-01-12 09:26:42+00:00| seen| https://t.me/ctinow/167149 2024-01-19 08:17:07+00:00| seen| https://t.me/ctinow/170095 2024-01-23 20:16:11+00:00| seen|...

9.8CVSS8.7AI score0.47804EPSS
Exploits4References7
CVE
CVE
added 2024/01/12 12:0 a.m.78 views

CVE-2023-50919

GL.iNet CVE-2023-50919 describes an NGINX auth-bypass via Lua pattern matching affecting multiple GL.iNet devices (various models and firmware versions up to 4.5.0). A separate Metasploit module (GL.iNet Unauthenticated Remote Command Execution via the logread module) combines this bypass with an...

9.8CVSS9.7AI score0.47804EPSS
In wildExploits4References2Affected Software1
Rows per page
Query Builder