{"vulnerability": "cve-2023-31474", "sightings": [{"uuid": "1f33b370-f59a-4e65-acd8-248ea2de9ca5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-31474", "type": "seen", "source": "https://t.me/cibsecurity/63681", "content": "\u203c CVE-2023-31474 \u203c\n\nAn issue was discovered on GL.iNet devices before 3.216. Through the software installation feature, it is possible to inject arbitrary parameters in a request to cause opkg to obtain a list of files in a specific directory, by using the regex feature in a package name.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-09T22:44:58.000000Z"}]}