VYPR

GL.iNet

by Gl Inet

CVEs (2)

  • CVE-2023-31471May 10, 2023
    risk 0.00cvss epss 0.01

    An issue was discovered on GL.iNet devices before 3.216. Through the software installation feature, it is possible to install arbitrary software, such as a reverse shell, because the restrictions on the available package list are limited to client-side verification. It is…

  • CVE-2023-31474May 9, 2023
    risk 0.00cvss epss 0.01

    An issue was discovered on GL.iNet devices before 3.216. Through the software installation feature, it is possible to inject arbitrary parameters in a request to cause opkg to obtain a list of files in a specific directory, by using the regex feature in a package name.