CVE-2022-31898
Published: 27 October 2022
Summary
CVE-2022-31898 is a medium-severity OS Command Injection (CWE-78) vulnerability in GL.iNet GL-MT300N-V2 firmware. Its CVSS base score is 6.8 (Medium).
Operationally, it ranks in the top 5.3% of CVEs by exploit likelihood, it is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.
Deeper analysis
CVE-2022-31898 is a command-injection vulnerability (CWE-78) affecting the GL.iNet GL-MT300N-V2 Mango firmware version 3.212 and the GL-AX1800 Flint firmware version 3.214. The flaw resides in the ping_addr and trace_addr parameters, which fail to sanitize input before it is passed to operating-system commands.
An attacker positioned on an adjacent network who already possesses high-privilege credentials can supply crafted values to these parameters and execute arbitrary commands on the device, resulting in full compromise of the confidentiality, integrity, and availability of the affected router.
Public references point to detailed analysis at boschko.ca/glinet-router, although no vendor advisory or patch information is included in the supplied references.
The EPSS score for this CVE rose from a low baseline after disclosure to a peak of 0.3782 on 2025-12-11 before receding to its current value of 0.1502, indicating that exploitation interest emerged well after the initial publication.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2022-53224
Vulnerability details
gl-inet GL-MT300N-V2 Mango v3.212 and GL-AX1800 Flint v3.214 were discovered to contain multiple command injection vulnerabilities via the ping_addr and trace_addr function parameters.
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
Likely Mitigating Controls
Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.