CVE-2023-50445

2023-12-2800:00:00

mitre

github.com

cve-2023-50445

gl.inet

shell injection

AI Score

7.8

Confidence

Low

SSVC

Exploitation

none

Automatable

Technical Impact

total

JSON

Shell Injection vulnerability GL.iNet A1300 v4.4.6, AX1800 v4.4.6, AXT1800 v4.4.6, MT3000 v4.4.6, MT2500 v4.4.6, MT6000 v4.5.0, MT1300 v4.3.7, MT300N-V2 v4.3.7, AR750S v4.3.7, AR750 v4.3.7, AR300M v4.3.7, and B1300 v4.3.7., allows local attackers to execute arbitrary code via the get_system_log and get_crash_log functions of the logread module, as well as the upgrade_online function of the upgrade module.

ADP Affected

[
  {
    "cpes": [
      "cpe:2.3:h:gl.inet:AX1800:-:*:*:*:*:*:*:*"
    ],
    "vendor": "gl.inet",
    "product": "AX1800",
    "versions": [
      {
        "status": "affected",
        "version": "4.4.6"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "cpes": [
      "cpe:2.3:h:gl.inet:A1300:-:*:*:*:*:*:*:*"
    ],
    "vendor": "gl.inet",
    "product": "A1300",
    "versions": [
      {
        "status": "affected",
        "version": "4.4.6"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "cpes": [
      "cpe:2.3:h:gl.inet:AXT1800:-:*:*:*:*:*:*:*"
    ],
    "vendor": "gl.inet",
    "product": "AXT1800",
    "versions": [
      {
        "status": "affected",
        "version": "4.4.6"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "cpes": [
      "cpe:2.3:h:gl.inet:MT3000:-:*:*:*:*:*:*:*"
    ],
    "vendor": "gl.inet",
    "product": "MT3000",
    "versions": [
      {
        "status": "affected",
        "version": "4.4.6"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "cpes": [
      "cpe:2.3:h:gl.inet:MT2500:-:*:*:*:*:*:*:*"
    ],
    "vendor": "gl.inet",
    "product": "MT2500",
    "versions": [
      {
        "status": "affected",
        "version": "4.4.6"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "cpes": [
      "cpe:2.3:h:gl.inet:MT6000:-:*:*:*:*:*:*:*"
    ],
    "vendor": "gl.inet",
    "product": "MT6000",
    "versions": [
      {
        "status": "affected",
        "version": "4.5.0"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "cpes": [
      "cpe:2.3:h:gl.inet:MT1300:-:*:*:*:*:*:*:*"
    ],
    "vendor": "gl.inet",
    "product": "MT1300",
    "versions": [
      {
        "status": "affected",
        "version": "4.3.7"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "cpes": [
      "cpe:2.3:h:gl.inet:MT300N_V2:-:*:*:*:*:*:*:*"
    ],
    "vendor": "gl.inet",
    "product": "MT300N_V2",
    "versions": [
      {
        "status": "affected",
        "version": "4.3.7"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "cpes": [
      "cpe:2.3:h:gl.inet:AR750S:-:*:*:*:*:*:*:*"
    ],
    "vendor": "gl.inet",
    "product": "AR750S",
    "versions": [
      {
        "status": "affected",
        "version": "4.3.7"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "cpes": [
      "cpe:2.3:h:gl.inet:AR750:-:*:*:*:*:*:*:*"
    ],
    "vendor": "gl.inet",
    "product": "AR750",
    "versions": [
      {
        "status": "affected",
        "version": "4.3.7"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "cpes": [
      "cpe:2.3:h:gl.inet:AR300M:-:*:*:*:*:*:*:*"
    ],
    "vendor": "gl.inet",
    "product": "AR300M",
    "versions": [
      {
        "status": "affected",
        "version": "4.3.7"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "cpes": [
      "cpe:2.3:h:gl.inet:B1300:-:*:*:*:*:*:*:*"
    ],
    "vendor": "gl.inet",
    "product": "B1300",
    "versions": [
      {
        "status": "affected",
        "version": "4.3.7"
      }
    ],
    "defaultStatus": "unknown"
  }
]