CVE-2023-46453

GL.iNet · GL.iNet Devices

Multiple GL.iNet devices running 4.x firmware allow unauthenticated attackers to bypass authentication and gain administrative control via specially crafted usernames.

Executive summary

A critical authentication bypass vulnerability in GL.iNet devices allows an unauthenticated attacker to gain full administrative control of the device by injecting SQL and regex patterns.

Vulnerability

The vulnerability exists in the device login mechanism, where an attacker can input a username formatted as a valid SQL statement and regular expression to trick the authentication logic. This results in an authentication bypass, granting the attacker full administrative privileges.

Business impact

The CVSS score of 9.8 underscores the extreme severity of this flaw. By gaining administrative control, an attacker can reconfigure the network, intercept traffic, or deploy persistent malware, effectively compromising the entire network perimeter protected by the affected router.

Remediation

Immediate Action: Update the firmware of all affected GL.iNet devices to the latest available version provided by the manufacturer.

Proactive Monitoring: Monitor device logs for unusual login patterns or attempts to use special characters in the username field.

Compensating Controls: Disable remote management of the device via the WAN interface and ensure that management access is limited to a secure, internal-only network segment.

Exploitation status

Public Exploit Available: Unknown

Analyst recommendation

This vulnerability is exceptionally dangerous as it allows for trivial administrative takeover. All users of the specified GL.iNet hardware must apply vendor-supplied firmware updates immediately to remediate this critical risk.