mod advisory

2023-11-27 18:00:08 +01:00 · 2023-11-27 18:00:08 +01:00 · 0db12a3c5e
commit 0db12a3c5e
parent af492efdf8
1 changed files with 3 additions and 0 deletions
--- a/res/advisory/CVE-2023-46453.txt
+++ b/res/advisory/CVE-2023-46453.txt
@ -5,6 +5,7 @@ GLiNet: Router Authentication Bypass
 ========================================================================
 Contents
 ========================================================================
 1. Overview
 2. Detailed Description
 3. Exploit
@ -13,6 +14,7 @@ Contents
 ========================================================================
 1. Overview
 ========================================================================
 CVE-2023-46453 is a remote authentication bypass vulnerability in the web 
 interface of GLiNet routers running firmware versions 4.x and up. The 
 vulnerability allows an attacker to bypass authentication and gain access 
@ -21,6 +23,7 @@ to the router's web interface.
 ========================================================================
 2. Detailed Description
 ========================================================================
 The vulnerability is caused by a lack of proper authentication checks in
 /usr/sbin/gl-ngx-session file. The file is responsible for authenticating
 users to the web interface. The authentication is in different stages.