CVE-2023-33620

MEDIUM

GL.iNET GL-AR750S-Ext <3.215 - Info Disclosure

Title source: llm

Description

GL.iNET GL-AR750S-Ext firmware v3.215 uses an insecure protocol in its communications which allows attackers to eavesdrop via a man-in-the-middle attack.

References (3)

[Broken Link] http://gl-ar750s-ext.com

[Product] http://glinet.com

[Exploit, Third Party Advisory] https://justinapplegate.me/2023/glinet-CVE-2023-33620/

Scores

CVSS v3 5.9

EPSS 0.0010

EPSS Percentile 27.7%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Classification

CWE

CWE-522

Status published

Affected Products (1)

gl-inet/gl-ar750s_firmware

Timeline

Published Jun 13, 2023

Tracked Since Feb 18, 2026