Unrated severityNVD Advisory· Published May 9, 2023· Updated Jan 29, 2025
CVE-2023-31474
CVE-2023-31474
Description
An issue was discovered on GL.iNet devices before 3.216. Through the software installation feature, it is possible to inject arbitrary parameters in a request to cause opkg to obtain a list of files in a specific directory, by using the regex feature in a package name.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- GL.iNet/devicesdescription
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.