CVE-2023-46454 Information

Description

In GL.iNET GL-AR300M routers with firmware v4.3.7 it is possible to inject arbitrary shell commands through a crafted package name in the package information functionality.

Reference

https://cyberaz0r.info/2023/11/glinet-multiple-vulnerabilities/