Cyber Resilience

CVE-2023-31742

HighPublic PoCRCE

Published: 22 May 2023

Published
22 May 2023
Modified
28 January 2025
KEV Added
Patch
CVSS Score v3.1 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.7381 98.8th percentile
Risk Priority 59 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2023-31742 is a high-severity Command Injection (CWE-77) vulnerability in Linksys Wrt54Gl Firmware. Its CVSS base score is 7.2 (High).

Operationally, ranked in the top 1.2% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

Deeper analysis

CVE-2023-31742 is a command injection vulnerability affecting the Linksys WRT54GL router running firmware version 4.30.18.006. The flaw resides in the httpd Start_EPI() function and can be triggered through the post request parameters wl_ant, wl_rate, WL_atten_ctl, ttcp_num, and ttcp_size, allowing an authenticated administrator to execute arbitrary operating-system commands.

An attacker who has already obtained web-management credentials can supply crafted values in these parameters to achieve remote shell access on the device. The vulnerability carries a CVSS 3.1 score of 7.2 and is classified under CWE-77.

Public references consist of the vendor site and a detailed proof-of-concept report hosted on GitHub; neither source describes an official patch or mitigation steps. The associated EPSS score has remained steady at 0.7381 with no material increase after disclosure.

EU & UK References

Vulnerability details

There is a command injection vulnerability in the Linksys WRT54GL router with firmware version 4.30.18.006. If an attacker gains web management privileges, they can inject commands into the post request parameters wl_ant, wl_rate, WL_atten_ctl, ttcp_num, ttcp_size in the httpd s…

more

Start_EPI() function, thereby gaining shell privileges.

CWE(s)

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

linksys
wrt54gl firmware
4.30.18.006

Mitigating Controls

No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.

References