Vulnerability Description
A command injection vulnerability was found in the ping functionality of the MitraStar GPT-2741GNAC router (firmware version AR_g5.8_110WVN0b7_2). The vulnerability allows an authenticated user to execute arbitrary OS commands by sending specially crafted input to the router via the ping function.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Mitrastar | Gpt-2741Gnac Firmware | ar_g5.8_110wvn0b7_2 |
| Mitrastar | Gpt-2741Gnac | - |
Related Weaknesses (CWE)
References
- http://gpt-2741gnac.comBroken Link
- http://mitrastar.comBroken Link
- https://github.com/duality084/CVE-2023-33381-MitraStar-GPT-2741GNAC/blob/main/REExploitThird Party Advisory
- http://gpt-2741gnac.comBroken Link
- http://mitrastar.comBroken Link
- https://github.com/duality084/CVE-2023-33381-MitraStar-GPT-2741GNAC/blob/main/REExploitThird Party Advisory
FAQ
What is CVE-2023-33381?
CVE-2023-33381 is a vulnerability with a CVSS score of 7.2 (HIGH). A command injection vulnerability was found in the ping functionality of the MitraStar GPT-2741GNAC router (firmware version AR_g5.8_110WVN0b7_2). The vulnerability allows an authenticated user to exe...
How severe is CVE-2023-33381?
CVE-2023-33381 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-33381?
Check the references section above for vendor advisories and patch information. Affected products include: Mitrastar Gpt-2741Gnac Firmware, Mitrastar Gpt-2741Gnac.