CVE-2023-50920

Published: Jan 12, 2024Modified: Jun 17, 2025

5.5

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Exploitability: 1.8 / Impact: 3.6

Source: NVD

Description

An issue was discovered on GL.iNet devices before version 4.5.0. They assign the same session ID after each user reboot, allowing attackers to share session identifiers between different sessions and bypass authentication or access control measures. Attackers can impersonate legitimate users or perform unauthorized actions. This affects A1300 4.4.6, AX1800 4.4.6, AXT1800 4.4.6, MT3000 4.4.6, MT2500 4.4.6, MT6000 4.5.0, MT1300 4.3.7, MT300N-V2 4.3.7, AR750S 4.3.7, AR750 4.3.7, AR300M 4.3.7, and B1300 4.3.7.

Affected (24)

Products: Gl Inet: Gl Ax1800 Firmware, Gl Axt1800 Firmware, Gl Mt3000 Firmware, Gl Mt2500 Firmware, Gl Mt6000 Firmware, Gl Mt1300 Firmware, Gl Mt300n V2 Firmware, Gl Ar750s Firmware, Gl Ar750 Firmware, Gl Ar300m Firmware, Gl B1300 Firmware, Gl A1300 Firmware

12 products

Gl Mt300n V2 Firmware

Configuration A

2 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Gl Inet Gl Ax1800 Firmware	Version 4.3.7
Gl Inet Gl Ax1800 Firmware	Version 4.4.6

Running on/with	Platform Versions
Gl Inet Gl Ax1800	All versions

Configuration B

2 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Gl Inet Gl Axt1800 Firmware	Version 4.3.7
Gl Inet Gl Axt1800 Firmware	Version 4.4.6

Running on/with	Platform Versions
Gl Inet Gl Axt1800	All versions

Configuration C

2 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Gl Inet Gl Mt3000 Firmware	Version 4.3.7
Gl Inet Gl Mt3000 Firmware	Version 4.4.6

Running on/with	Platform Versions
Gl Inet Gl Mt3000	All versions

Configuration D

2 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Gl Inet Gl Mt2500 Firmware	Version 4.3.7
Gl Inet Gl Mt2500 Firmware	Version 4.4.6

Running on/with	Platform Versions
Gl Inet Gl Mt2500	All versions

Configuration E

2 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Gl Inet Gl Mt6000 Firmware	Version 4.3.7
Gl Inet Gl Mt6000 Firmware	Version 4.4.6

Running on/with	Platform Versions
Gl Inet Gl Mt6000	All versions

Configuration F

2 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Gl Inet Gl Mt1300 Firmware	Version 4.3.7
Gl Inet Gl Mt1300 Firmware	Version 4.4.6

Running on/with	Platform Versions
Gl Inet Gl Mt1300	All versions

Configuration G

2 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Gl Inet Gl Mt300n V2 Firmware	Version 4.3.7
Gl Inet Gl Mt300n V2 Firmware	Version 4.4.6

Running on/with	Platform Versions
Gl Inet Gl Mt300n V2	All versions

Configuration H

2 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Gl Inet Gl Ar750s Firmware	Version 4.3.7
Gl Inet Gl Ar750s Firmware	Version 4.4.6

Running on/with	Platform Versions
Gl Inet Gl Ar750s	All versions

Configuration I

2 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Gl Inet Gl Ar750 Firmware	Version 4.3.7
Gl Inet Gl Ar750 Firmware	Version 4.4.6

Running on/with	Platform Versions
Gl Inet Gl Ar750	All versions

Configuration J

2 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Gl Inet Gl Ar300m Firmware	Version 4.3.7
Gl Inet Gl Ar300m Firmware	Version 4.4.6

Running on/with	Platform Versions
Gl Inet Gl Ar300m	All versions

Configuration K

2 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Gl Inet Gl B1300 Firmware	Version 4.3.7
Gl Inet Gl B1300 Firmware	Version 4.4.6

Running on/with	Platform Versions
Gl Inet Gl B1300	All versions

Configuration L

2 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Gl Inet Gl A1300 Firmware	Version 4.3.7
Gl Inet Gl A1300 Firmware	Version 4.4.6

Running on/with	Platform Versions
Gl Inet Gl A1300	All versions

Related CWEs

CWE-384

Session Fixation

Authenticating a user, or otherwise establishing a new user session, without invalidating any existing session identifier gives an attacker the opportunity to steal authenticated sessions.

References (2)

https://github.com/gl-inet/CVE-issues/blob/main/4.0.0/Authentication-bypass-seesion-ID.md

Source: cve@mitre.org

ExploitIssue TrackingVendor Advisory

https://github.com/gl-inet/CVE-issues/blob/main/4.0.0/Authentication-bypass-seesion-ID.md

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitIssue TrackingVendor Advisory

Timeline

No history available yet.