Insecure Permissions vulnerability in GL.iNet AX1800 v.3.215 and before allows a remote attacker to execute arbitrary code via the file sharing function.
The vulnerability results from improperly configured permissions (CWE-276) in the file sharing functionality on the GL.iNet AX1800 router. An attacker can exploit this function over the network, without any authentication or user interaction, to execute arbitrary code on the device. The lack of proper access control to the file sharing mechanism makes the vulnerability trivial to exploit.
An attacker can remotely execute arbitrary code on the device, which in practice means complete takeover of the router — violation of confidentiality, integrity, and availability of all network traffic passing through the device.
GL.iNet AX1800 firmware should be updated to a version newer than 3.215. Patches available from the manufacturer should be applied according to references. As a temporary measure, it is recommended to disable file sharing functionality and restrict access to the router's administrative interface only to trusted hosts on the local network.
GL.iNet AX1800 (GL-AX1800) with firmware version 3.215 and all earlier versions.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HGl Inet Gl Ax1800
HWGl-Inetwszystkie wersjeGl Inet Gl Ax1800 Firmware
OSGl-Inet≤ 3.125
Related vulnerabilities
GL.iNet — Authentication Bypass w NGINX przez dopasowanie wzorców Lua
GL.iNet: privilege escalation przez interfejs add_user do uprawnień root
RCE w GL.iNet AX1800 przez błędne uprawnienia funkcji uwierzytelniania
An issue was discovered on GL.iNet devices before 3.216. The function guci2_get() found in libglutil.so has a ...
An issue was discovered on GL.iNet devices before 3.216. Through the software installation feature, it is poss...