Vulnerabilities > CVE-2023-47463 - Improper Preservation of Permissions vulnerability in Gl-Inet Gl-Ax1800 Firmware 4.0.0/4.3.7/4.4.6

047910
CVSS 9.8 - CRITICAL
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
network
low complexity
gl-inet
CWE-281
critical

Summary

Insecure Permissions vulnerability in GL.iNet AX1800 version 4.0.0 before 4.5.0 allows a remote attacker to execute arbitrary code via a crafted script to the gl_nas_sys authentication function.

Common Weakness Enumeration (CWE)