{"vulnerability": "CVE-2023-50920", "sightings": [{"uuid": "70e5e68a-b338-46fa-9dff-417cc76ffcca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-50920", "type": "seen", "source": "https://t.me/ctinow/177988", "content": "https://ift.tt/MXxQaNF\nCVE-2023-50920 | GL.iNet B1300 improper authentication", "creation_timestamp": "2024-02-02T09:06:43.000000Z"}, {"uuid": "9827b486-4999-40ef-be45-14de07cf9598", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-50920", "type": "seen", "source": "https://t.me/ctinow/170096", "content": "https://ift.tt/rbS12XQ\nCVE-2023-50920 Exploit", "creation_timestamp": "2024-01-19T08:17:08.000000Z"}, {"uuid": "e72a728c-2d75-4d15-8bc3-feb5cc6fc13a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-50920", "type": "seen", "source": "https://t.me/ctinow/167150", "content": "https://ift.tt/6wl7dvS\nCVE-2023-50920", "creation_timestamp": "2024-01-12T09:26:43.000000Z"}, {"uuid": "eb3c6464-88f3-4855-aa19-7e25c58ddee5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-50920", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/18623", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-50920\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: An issue was discovered on GL.iNet devices before version 4.5.0. They assign the same session ID after each user reboot, allowing attackers to share session identifiers between different sessions and bypass authentication or access control measures. Attackers can impersonate legitimate users or perform unauthorized actions. This affects A1300 4.4.6, AX1800 4.4.6, AXT1800 4.4.6, MT3000 4.4.6, MT2500 4.4.6, MT6000 4.5.0, MT1300 4.3.7, MT300N-V2 4.3.7, AR750S 4.3.7, AR750 4.3.7, AR300M 4.3.7, and B1300 4.3.7.\n\ud83d\udccf Published: 2024-01-12T00:00:00.000Z\n\ud83d\udccf Modified: 2025-06-17T16:05:04.445Z\n\ud83d\udd17 References:\n1. https://github.com/gl-inet/CVE-issues/blob/main/4.0.0/Authentication-bypass-seesion-ID.md", "creation_timestamp": "2025-06-17T16:41:20.000000Z"}]}