HomeMalware & ThreatsGL.iNet AR300M 4.3.7 Remote Code Execution Vulnerability

GL.iNet AR300M 4.3.7 Remote Code Execution Vulnerability

Published on

spot_img

A recent vulnerability has been identified in GL.iNet routers, specifically in version 4.3.7, that allows for remote code execution via the OpenVPN client. This exploit, labeled as CVE-2023-46454, was discovered by cybersecurity expert Michele ‘cyberaz0r’ Di Bonaventura.

The exploit targets GL.iNet routers with the vulnerability present in the Admin Panel. By utilizing a specific payload, an attacker can execute arbitrary code on the device, potentially compromising its security and gaining unauthorized access.

To demonstrate the severity of this vulnerability, the exploit author has created a script that triggers a reverse shell connection, allowing an attacker to remotely execute commands on the vulnerable device. This can lead to a complete compromise of the device and potentially the entire network it is connected to.

The exploit works by sending a specially crafted request to the GL.iNet router, exploiting the vulnerability in the OpenVPN client to execute the malicious payload. Once the payload is executed, the attacker gains control over the device and can carry out various malicious activities.

It is important for users of GL.iNet routers to be aware of this vulnerability and take the necessary steps to protect their devices. This includes updating to the latest firmware version provided by the vendor, in this case, GL.iNet. By applying the latest security patches, users can mitigate the risk of falling victim to such exploits.

Furthermore, users are advised to secure their routers with strong passwords, enable firewall protections, and regularly monitor their network for any suspicious activities. By taking a proactive approach to cybersecurity, users can reduce the likelihood of being targeted by malicious actors seeking to exploit vulnerabilities in their devices.

In conclusion, the remote code execution vulnerability in GL.iNet routers is a serious threat that can have far-reaching consequences if not addressed promptly. It is imperative for users to stay vigilant, keep their devices up to date, and implement best practices for securing their network infrastructure. By taking these steps, users can better protect themselves against potential attacks and safeguard their sensitive information from falling into the wrong hands.

Source link

Latest articles

Attackers Abuse Google Ad Feature to Target Slack, Notion Users

 Attackers are once again abusing Google Ads to target people with info-stealing malware, this time...

Hackers allege to have infiltrated computer network of Israeli nuclear facility

An Iran-linked hacking group has declared that they successfully breached the computer network of...

Hacker allegedly uses white-hat approach to exploit crypto game for $4.6M

In a surprising turn of events, the food-themed crypto game Super Sushi Samurai fell...

Reducing Threats from the IABs Market

As ransomware attacks continue to escalate in frequency and severity, one of the key...

More like this

Attackers Abuse Google Ad Feature to Target Slack, Notion Users

 Attackers are once again abusing Google Ads to target people with info-stealing malware, this time...

Hackers allege to have infiltrated computer network of Israeli nuclear facility

An Iran-linked hacking group has declared that they successfully breached the computer network of...

Hacker allegedly uses white-hat approach to exploit crypto game for $4.6M

In a surprising turn of events, the food-themed crypto game Super Sushi Samurai fell...
en_USEnglish