CVE-2023-31475 - Vulnerability Details

An issue was discovered on GL.iNet devices before 3.216. The function guci2_get() found in libglutil.so has a buffer overflow when an item is requested from a UCI context, and the value is pasted into a char pointer to a buffer without checking the size of the buffer.

No CVSS v4.0

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.23681.

Exploitation poc

Automatable no

Technical Impact total

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

n/a

affected

Version	Status	Constraints
`n/a`	affected	—

Configuration 1 [-]

AND

cpe:2.3:o:gl-inet:gl-s20_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:gl-inet:gl-s20:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:gl-inet:gl-x3000_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:gl-inet:gl-x3000:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:gl-inet:gl-mt3000_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:gl-inet:gl-mt3000:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:o:gl-inet:gl-mt2500_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:gl-inet:gl-mt2500:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:o:gl-inet:gl-mt2500a_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:gl-inet:gl-mt2500a:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND

cpe:2.3:o:gl-inet:gl-axt1800_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:gl-inet:gl-axt1800:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND

cpe:2.3:o:gl-inet:gl-a1300_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:gl-inet:gl-a1300:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND

cpe:2.3:o:gl-inet:gl-ax1800_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:gl-inet:gl-ax1800:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND

cpe:2.3:o:gl-inet:gl-sft1200_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:gl-inet:gl-sft1200:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND

cpe:2.3:o:gl-inet:gl-mt1300_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:gl-inet:gl-mt1300:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND

cpe:2.3:o:gl-inet:gl-e750_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:gl-inet:gl-e750:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND

cpe:2.3:o:gl-inet:gl-mv1000_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:gl-inet:gl-mv1000:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND

cpe:2.3:o:gl-inet:gl-mv1000w_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:gl-inet:gl-mv1000w:-:*:*:*:*:*:*:*

Configuration 14 [-]

AND

cpe:2.3:o:gl-inet:gl-s10_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:gl-inet:gl-s10:-:*:*:*:*:*:*:*

Configuration 15 [-]

AND

cpe:2.3:o:gl-inet:gl-s200_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:gl-inet:gl-s200:-:*:*:*:*:*:*:*

Configuration 16 [-]

AND

cpe:2.3:o:gl-inet:gl-s1300_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:gl-inet:gl-s1300:-:*:*:*:*:*:*:*

Configuration 17 [-]

AND

cpe:2.3:o:gl-inet:gl-sf1200_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:gl-inet:gl-sf1200:-:*:*:*:*:*:*:*

Configuration 18 [-]

AND

cpe:2.3:o:gl-inet:gl-b1300_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:gl-inet:gl-b1300:-:*:*:*:*:*:*:*

Configuration 19 [-]

AND

cpe:2.3:o:gl-inet:gl-b2200_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:gl-inet:gl-b2200:-:*:*:*:*:*:*:*

Configuration 20 [-]

AND

cpe:2.3:o:gl-inet:gl-ap1300_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:gl-inet:gl-ap1300:-:*:*:*:*:*:*:*

Configuration 21 [-]

AND

cpe:2.3:o:gl-inet:gl-ap1300lte_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:gl-inet:gl-ap1300lte:-:*:*:*:*:*:*:*

Configuration 22 [-]

AND

cpe:2.3:o:gl-inet:gl-x1200_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:gl-inet:gl-x1200:-:*:*:*:*:*:*:*

Configuration 23 [-]

AND

cpe:2.3:o:gl-inet:gl-x750_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:gl-inet:gl-x750:-:*:*:*:*:*:*:*

Configuration 24 [-]

AND

cpe:2.3:o:gl-inet:gl-x300b_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:gl-inet:gl-x300b:-:*:*:*:*:*:*:*

Configuration 25 [-]

AND

cpe:2.3:o:gl-inet:gl-xe300_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:gl-inet:gl-xe300:-:*:*:*:*:*:*:*

Configuration 26 [-]

AND

cpe:2.3:o:gl-inet:gl-ar750s_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:gl-inet:gl-ar750s:-:*:*:*:*:*:*:*

Configuration 27 [-]

AND

cpe:2.3:o:gl-inet:gl-ar750_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:gl-inet:gl-ar750:-:*:*:*:*:*:*:*

Configuration 28 [-]

AND

cpe:2.3:o:gl-inet:gl-mifi_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:gl-inet:gl-mifi:-:*:*:*:*:*:*:*

Configuration 29 [-]

AND

cpe:2.3:o:gl-inet:gl-mt300n-v2_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:gl-inet:gl-mt300n-v2:-:*:*:*:*:*:*:*

Configuration 30 [-]

AND

cpe:2.3:o:gl-inet:gl-ar300m_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:gl-inet:gl-ar300m:-:*:*:*:*:*:*:*

Configuration 31 [-]

AND

cpe:2.3:o:gl-inet:gl-usb150_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:gl-inet:gl-usb150:-:*:*:*:*:*:*:*

Configuration 32 [-]

AND

cpe:2.3:o:gl-inet:microuter-n300_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:gl-inet:microuter-n300:-:*:*:*:*:*:*:*

No data.

Project Subscriptions

Vendors	Products
Gl-inet Subscribe	Gl-a1300 Subscribe Gl-a1300 Firmware Subscribe Gl-ap1300 Subscribe Gl-ap1300 Firmware Subscribe Gl-ap1300lte Subscribe Gl-ap1300lte Firmware Subscribe Gl-ar300m Subscribe Gl-ar300m Firmware Subscribe Gl-ar750 Subscribe Gl-ar750 Firmware Subscribe Gl-ar750s Subscribe Gl-ar750s Firmware Subscribe Gl-ax1800 Subscribe Gl-ax1800 Firmware Subscribe Gl-axt1800 Subscribe Gl-axt1800 Firmware Subscribe Gl-b1300 Subscribe Gl-b1300 Firmware Subscribe Gl-b2200 Subscribe Gl-b2200 Firmware Subscribe Gl-e750 Subscribe Gl-e750 Firmware Subscribe Gl-mifi Subscribe Gl-mifi Firmware Subscribe Gl-mt1300 Subscribe Gl-mt1300 Firmware Subscribe Gl-mt2500 Subscribe Gl-mt2500 Firmware Subscribe Gl-mt2500a Subscribe Gl-mt2500a Firmware Subscribe Gl-mt3000 Subscribe Gl-mt3000 Firmware Subscribe Gl-mt300n-v2 Subscribe Gl-mt300n-v2 Firmware Subscribe Gl-mv1000 Subscribe Gl-mv1000 Firmware Subscribe Gl-mv1000w Subscribe Gl-mv1000w Firmware Subscribe Gl-s10 Subscribe Gl-s10 Firmware Subscribe Gl-s1300 Subscribe Gl-s1300 Firmware Subscribe Gl-s20 Subscribe Gl-s200 Subscribe Gl-s200 Firmware Subscribe Gl-s20 Firmware Subscribe Gl-sf1200 Subscribe Gl-sf1200 Firmware Subscribe Gl-sft1200 Subscribe Gl-sft1200 Firmware Subscribe Gl-usb150 Subscribe Gl-usb150 Firmware Subscribe Gl-x1200 Subscribe Gl-x1200 Firmware Subscribe Gl-x3000 Subscribe Gl-x3000 Firmware Subscribe Gl-x300b Subscribe Gl-x300b Firmware Subscribe Gl-x750 Subscribe Gl-x750 Firmware Subscribe Gl-xe300 Subscribe Gl-xe300 Firmware Subscribe Microuter-n300 Subscribe Microuter-n300 Firmware Subscribe

Advisories

No advisories yet.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://github.com/gl-inet/CVE-issues/blob/main/3.215/Buffer_Overflow.md
https://justinapplegate.me/2023/glinet-CVE-2023-31475/
https://www.gl-inet.com

History

Mon, 27 Jan 2025 18:15:00 +0000

Type	Values Removed	Values Added
Metrics	cvssV3_1 `{'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}`	ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}` cvssV3_1 `{'score': 9, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H'}`

Projects

Sign in to view the affected projects.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2023-05-11T00:00:00.000Z

Updated: 2025-01-27T17:17:11.696Z

Reserved: 2023-04-28T00:00:00.000Z

Link: CVE-2023-31475

Vulnrichment

Updated: 2024-08-02T14:53:30.627Z

NVD

Status : Modified

Published: 2023-05-11T11:15:09.147

Modified: 2025-01-27T18:15:33.980

Link: CVE-2023-31475

Redhat

No data.

OpenCVE Enrichment

No data.

Weaknesses

CWE-120

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Exploitation poc

Automatable no

Technical Impact total

Project Subscriptions

Projects

JSON object

JSON object

JSON object

JSON object

JSON object