CVE-2023-50445

Summary

CVE-2023-50445 is a newly discovered vulnerability affecting multiple GL.iNet routers, including A1300 v4.4.6, AX1800 v4.4.6, AXT1800 v4.4.6, MT3000 v4.4.6, MT2500 v4.4.6, MT6000 v4.5.0, MT1300 v4.3.7, MT300N-V2 v4.3.7, AR750S v4.3.7, AR750 v4.3.7, AR300M v4.3.7, and B1300 v4.3.7. This issue grants local attackers the ability to execute arbitrary code through the get_system_log and get_crash_log functions in the logread module and the upgrade_online function in the upgrade module. This vulnerability can lead to serious security consequences, as attackers can potentially gain full control of the affected devices. It is strongly recommended that users update their routers with the latest patches to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.