CVE-2023-46455 Scanner
CVE-2023-46455 Scanner - Arbitrary File Write vulnerability in GL.iNet
Short Info
Level
High
Single Scan
Single Scan
Can be used by
Asset Owner
Estimated Time
10 seconds
Time Interval
23 days 20 hours
Scan only one
Domain, IPv4, Subdomain
Toolbox
-
GL.iNet is a widely used wireless networking device known for its flexibility and configurability. It is commonly deployed in small-scale networking environments, such as homes, small offices, and IoT applications. The product offers an administrative panel for easy network management, including settings for routing, VPNs, and more. Its firmware is open-source, enabling community-driven enhancements and customizations. However, this flexibility also makes it susceptible to vulnerabilities if improperly secured. The version 4.3.7 and earlier of the firmware are particularly affected by an Arbitrary File Write vulnerability.
This vulnerability allows attackers to overwrite arbitrary system files without prior authentication. It exploits the administrative panel's file upload mechanism, which does not validate file paths and types properly. By sending malicious payloads through specially crafted requests, attackers can modify or replace critical files within the system. This exploit is straightforward due to the lack of sufficient input sanitization. The vulnerability is classified as high severity, highlighting its potential to compromise device integrity.
The attack primarily involves sending crafted HTTP POST requests to the "/upload" endpoint. By manipulating the "path" parameter, attackers can dictate where the uploaded file is written. This process bypasses authorization checks, relying instead on improper backend logic. Once successful, malicious files such as scripts can execute arbitrary commands, further escalating privileges. The system's weak validation mechanisms are at the core of this exploit.
Exploitation of this vulnerability can lead to significant security risks, including system compromise and unauthorized access. Malicious actors could disrupt network operations, steal sensitive data, or execute further attacks on connected devices. Organizations relying on affected GL.iNet devices may face substantial financial and reputational damage. To minimize risks, timely mitigation measures are critical.
REFERENCES
