CVE-2023-33621

GL.iNET GL-AR750S-Ext firmware v3.215 inserts the admin authentication token into a GET request when the OpenVPN Server config file is downloaded. The token is then left in the browser history or access logs, potentially allowing attackers to bypass authentication via session replay.
References
Link Resource
http://gl-ar750s-ext.com Broken Link
http://glinet.com Broken Link
https://justinapplegate.me/2023/glinet-CVE-2023-33621/ Exploit Third Party Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:gl-inet:gl-ar750s_firmware:3.215:*:*:*:*:*:*:*
cpe:2.3:h:gl-inet:gl-ar750s:-:*:*:*:*:*:*:*

History

23 Jun 2023, 19:18

Type Values Removed Values Added
References (MISC) http://gl-ar750s-ext.com - (MISC) http://gl-ar750s-ext.com - Broken Link
References (MISC) https://justinapplegate.me/2023/glinet-CVE-2023-33621/ - (MISC) https://justinapplegate.me/2023/glinet-CVE-2023-33621/ - Exploit, Third Party Advisory
References (MISC) http://glinet.com - (MISC) http://glinet.com - Broken Link
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 5.9
CWE CWE-294
CPE cpe:2.3:o:gl-inet:gl-ar750s_firmware:3.215:*:*:*:*:*:*:*
cpe:2.3:h:gl-inet:gl-ar750s:-:*:*:*:*:*:*:*
First Time Gl-inet gl-ar750s
Gl-inet
Gl-inet gl-ar750s Firmware

13 Jun 2023, 16:54

Type Values Removed Values Added
New CVE

Information

Published : 2023-06-13 16:15

Updated : 2024-02-28 20:13


NVD link : CVE-2023-33621

Mitre link : CVE-2023-33621

CVE.ORG link : CVE-2023-33621


JSON object : View

Products Affected

gl-inet

  • gl-ar750s
  • gl-ar750s_firmware
CWE
CWE-294

Authentication Bypass by Capture-replay