CVE-2023-33621

low-risk

Published 2023-06-13

GL.iNET GL-AR750S-Ext firmware v3.215 inserts the admin authentication token into a GET request when the OpenVPN Server config file is downloaded. The token is then left in the browser history or access logs, potentially allowing attackers to bypass authentication via session replay.

Do I need to act?

0.07% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 5.9/10 Medium

NETWORK / HIGH complexity

Affected Products (1)

Gl-Ar750S Firmware

Affected Vendors

Gl-Inet

References (6)

Broken Link http://gl-ar750s-ext.com

Broken Link http://glinet.com

Exploit https://justinapplegate.me/2023/glinet-CVE-2023-33621/

Broken Link http://gl-ar750s-ext.com

Broken Link http://glinet.com

Exploit https://justinapplegate.me/2023/glinet-CVE-2023-33621/

/ 100

low-risk

Severity 18/34 · Moderate

Exploitability 0/34 · Minimal

Exposure 5/34 · Minimal