CVE-2022-31898
published 2022-10-27CVE-2022-31898: gl-inet GL-MT300N-V2 Mango v3.212 and GL-AX1800 Flint v3.214 were discovered to contain multiple command injection vulnerabilities via the ping_addr and…
PriorityP339medium6.8CVSS 3.1
AVAACLPRHUINSUCHIHAH
EPSS
15.93%
96.5th percentile
gl-inet GL-MT300N-V2 Mango v3.212 and GL-AX1800 Flint v3.214 were discovered to contain multiple command injection vulnerabilities via the ping_addr and trace_addr function parameters.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| gl-inet | gl-ax1800_firmware | — | — |
| gl-inet | gl-mt300n-v2_firmware | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Suricata
ET EXPLOIT GL iNet MTN300n Command Injection Attempt Inbound (CVE-2022-31898)
suricata·2022-11-16·CVSS 6.8
CVE-2022-31898 [MEDIUM] ET EXPLOIT GL iNet MTN300n Command Injection Attempt Inbound (CVE-2022-31898)
ET EXPLOIT GL iNet MTN300n Command Injection Attempt Inbound (CVE-2022-31898)
Rule: alert http any any -> [$HOME_NET,$HTTP_SERVERS] any (msg:"ET EXPLOIT GL iNet MTN300n Command Injection Attempt Inbound (CVE-2022-31898)"; flow:established,to_server; http.method; content:"POST"; http.uri; content:"/cgi-bin/api/internet/ping"; fast_pattern; http.request_body; content:"ping_addr"; pcre:"/^[\x22\x27]\s*\x3a\s*[\x22\x27]\x3b/R"; reference:cve,2022-31898; classtype:attempted-admin; sid:2039794; rev:2; metadata:attack_target Networking_Equipment, created_at 2022_11_16, cve CVE_2022_31898, deployment Perimeter, deployment Internal, confidence High, signature_severity Major, updated_at 2024_03_08, mitre_tactic_id TA0008, mitre_tactic_name Lateral_Movement, mitre_technique_id T1210, mitre_technique
No public exploits indexed.
No writeups or analysis indexed.
2022-10-27
Published