CVE-2023-47463
First published: Thu Nov 30 2023(Updated: )
Insecure Permissions vulnerability in GL.iNet AX1800 version 4.0.0 before 4.5.0 allows a remote attacker to execute arbitrary code via a crafted script to the gl_nas_sys authentication function.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| All of | ||
| Netgear Nighthawk AX1800 Firmware | >=4.0.0<4.5.0 | |
| GL.iNet GL-AX1800 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID?
The vulnerability ID is CVE-2023-47463.
What is the severity of CVE-2023-47463?
The severity of CVE-2023-47463 is critical with a CVSS score of 9.8.
What is the affected software version range?
The affected software version range is from 4.0.0 to 4.5.0.
How can a remote attacker exploit CVE-2023-47463?
A remote attacker can exploit CVE-2023-47463 by executing arbitrary code through a crafted script to the gl_nas_sys authentication function.
Is there a reference for more details about CVE-2023-47463?
Yes, you can refer to the following link for more details: [GitHub - GL.iNet CVE-issues](https://github.com/gl-inet/CVE-issues/blob/main/4.0.0/an%20unauthenticated%20remote%20code%20execution.md).
- agent/event
- agent/type
- agent/first-publish-date
- agent/weakness
- agent/severity
- agent/references
- agent/author
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/source
- agent/tags
- agent/softwarecombine
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/gl-inet
- canonical/netgear nighthawk ax1800 firmware
- version/netgear nighthawk ax1800 firmware/4.0.0
- canonical/gl.inet gl-ax1800