CVE-2023-31475

Published: May 11, 2023Modified: Jan 27, 2025

9.8

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 3.9 / Impact: 5.9

Source: NVD

Description

An issue was discovered on GL.iNet devices before 3.216. The function guci2_get() found in libglutil.so has a buffer overflow when an item is requested from a UCI context, and the value is pasted into a char pointer to a buffer without checking the size of the buffer.

Affected (32)

Products: Gl Inet: Gl S20 Firmware, Gl X3000 Firmware, Gl Mt3000 Firmware, Gl Mt2500 Firmware, Gl Mt2500a Firmware, Gl Axt1800 Firmware, Gl A1300 Firmware, Gl Ax1800 Firmware, Gl Sft1200 Firmware, Gl Mt1300 Firmware, Gl E750 Firmware, Gl Mv1000 Firmware, Gl Mv1000w Firmware, Gl S10 Firmware, Gl S200 Firmware, Gl S1300 Firmware, Gl Sf1200 Firmware, Gl B1300 Firmware, Gl B2200 Firmware, Gl Ap1300 Firmware, Gl Ap1300lte Firmware, Gl X1200 Firmware, Gl X750 Firmware, Gl X300b Firmware, Gl Xe300 Firmware, Gl Ar750s Firmware, Gl Ar750 Firmware, Gl Mifi Firmware, Gl Mt300n V2 Firmware, Gl Ar300m Firmware, Gl Usb150 Firmware, Microuter N300 Firmware

32 products

Gl Ap1300lte Firmware

Gl Mt300n V2 Firmware

Gl Ar300m Firmware

Gl Usb150 Firmware

Microuter N300 Firmware

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Gl Inet Gl S20 Firmware	Before 3.216

Running on/with	Platform Versions
Gl Inet Gl S20	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Gl Inet Gl X3000 Firmware	Before 3.216

Running on/with	Platform Versions
Gl Inet Gl X3000	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Gl Inet Gl Mt3000 Firmware	Before 3.216

Running on/with	Platform Versions
Gl Inet Gl Mt3000	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Gl Inet Gl Mt2500 Firmware	Before 3.216

Running on/with	Platform Versions
Gl Inet Gl Mt2500	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Gl Inet Gl Mt2500a Firmware	Before 3.216

Running on/with	Platform Versions
Gl Inet Gl Mt2500a	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Gl Inet Gl Axt1800 Firmware	Before 3.216

Running on/with	Platform Versions
Gl Inet Gl Axt1800	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Gl Inet Gl A1300 Firmware	Before 3.216

Running on/with	Platform Versions
Gl Inet Gl A1300	All versions

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Gl Inet Gl Ax1800 Firmware	Before 3.216

Running on/with	Platform Versions
Gl Inet Gl Ax1800	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Gl Inet Gl Sft1200 Firmware	Before 3.216

Running on/with	Platform Versions
Gl Inet Gl Sft1200	All versions

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Gl Inet Gl Mt1300 Firmware	Before 3.216

Running on/with	Platform Versions
Gl Inet Gl Mt1300	All versions

Configuration K

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Gl Inet Gl E750 Firmware	Before 3.216

Running on/with	Platform Versions
Gl Inet Gl E750	All versions

Configuration L

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Gl Inet Gl Mv1000 Firmware	Before 3.216

Running on/with	Platform Versions
Gl Inet Gl Mv1000	All versions

Configuration M

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Gl Inet Gl Mv1000w Firmware	Before 3.216

Running on/with	Platform Versions
Gl Inet Gl Mv1000w	All versions

Configuration N

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Gl Inet Gl S10 Firmware	Before 3.216

Running on/with	Platform Versions
Gl Inet Gl S10	All versions

Configuration O

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Gl Inet Gl S200 Firmware	Before 3.216

Running on/with	Platform Versions
Gl Inet Gl S200	All versions

Configuration P

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Gl Inet Gl S1300 Firmware	Before 3.216

Running on/with	Platform Versions
Gl Inet Gl S1300	All versions

Configuration Q

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Gl Inet Gl Sf1200 Firmware	Before 3.216

Running on/with	Platform Versions
Gl Inet Gl Sf1200	All versions

Configuration R

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Gl Inet Gl B1300 Firmware	Before 3.216

Running on/with	Platform Versions
Gl Inet Gl B1300	All versions

Configuration S

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Gl Inet Gl B2200 Firmware	Before 3.216

Running on/with	Platform Versions
Gl Inet Gl B2200	All versions

Configuration T

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Gl Inet Gl Ap1300 Firmware	Before 3.216

Running on/with	Platform Versions
Gl Inet Gl Ap1300	All versions

Configuration U

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Gl Inet Gl Ap1300lte Firmware	Before 3.216

Running on/with	Platform Versions
Gl Inet Gl Ap1300lte	All versions

Configuration V

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Gl Inet Gl X1200 Firmware	Before 3.216

Running on/with	Platform Versions
Gl Inet Gl X1200	All versions

Configuration W

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Gl Inet Gl X750 Firmware	Before 3.216

Running on/with	Platform Versions
Gl Inet Gl X750	All versions

Configuration X

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Gl Inet Gl X300b Firmware	Before 3.216

Running on/with	Platform Versions
Gl Inet Gl X300b	All versions

Configuration Y

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Gl Inet Gl Xe300 Firmware	Before 3.216

Running on/with	Platform Versions
Gl Inet Gl Xe300	All versions

Configuration Z

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Gl Inet Gl Ar750s Firmware	Before 3.216

Running on/with	Platform Versions
Gl Inet Gl Ar750s	All versions

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Gl Inet Gl Ar750 Firmware	Before 3.216

Running on/with	Platform Versions
Gl Inet Gl Ar750	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Gl Inet Gl Mifi Firmware	Before 3.216

Running on/with	Platform Versions
Gl Inet Gl Mifi	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Gl Inet Gl Mt300n V2 Firmware	Before 3.216

Running on/with	Platform Versions
Gl Inet Gl Mt300n V2	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Gl Inet Gl Ar300m Firmware	Before 3.216

Running on/with	Platform Versions
Gl Inet Gl Ar300m	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Gl Inet Gl Usb150 Firmware	Before 3.216

Running on/with	Platform Versions
Gl Inet Gl Usb150	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Gl Inet Microuter N300 Firmware	Before 3.216

Running on/with	Platform Versions
Gl Inet Microuter N300	All versions

Related CWEs

CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

References (6)

https://github.com/gl-inet/CVE-issues/blob/main/3.215/Buffer_Overflow.md

Source: cve@mitre.org

ExploitThird Party Advisory

https://justinapplegate.me/2023/glinet-CVE-2023-31475/

Source: cve@mitre.org

https://www.gl-inet.com

Source: cve@mitre.org

Vendor Advisory

https://github.com/gl-inet/CVE-issues/blob/main/3.215/Buffer_Overflow.md

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party Advisory

https://justinapplegate.me/2023/glinet-CVE-2023-31475/

Source: af854a3a-2127-422b-91ae-364da2661108

https://www.gl-inet.com

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.