cbcvebase.
CVE-2023-46456
published 2023-12-12

CVE-2023-46456: In GL.iNET GL-AR300M routers with firmware 3.216 it is possible to inject arbitrary shell commands through the OpenVPN client file upload functionality.

PriorityP277critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EXPLOIT
EPSS
24.73%
97.6th percentile
In GL.iNET GL-AR300M routers with firmware 3.216 it is possible to inject arbitrary shell commands through the OpenVPN client file upload functionality.

Affected

1 ranges
VendorProductVersion rangeFixed in
gl-inetgl-ar300m_firmware

Detection & IOCsextracted from sources · hover to see the quote

  • Arbitrary shell command injection is possible via the OpenVPN client file upload functionality on GL.iNET GL-AR300M routers running firmware 3.216
  • A public exploit (EDB-51854) exists for CVE-2023-46456 targeting GL.iNet AR300M v3.216 — monitor for exploit script usage or suspicious OpenVPN config file uploads to the device management interface
  • ·Vulnerability is confirmed only on firmware version 3.216 of the GL-AR300M router; other firmware versions may or may not be affected
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.