## https://sploitus.com/exploit?id=64718706-59C0-52DB-83F9-ECCDF194C198
# GL.iNet Multiple Vulnerabilities
This repository contains the exploits of the following vulnerabilities:
* **CVE-2023-46454:** In GL.iNET GL-AR300M routers with firmware v4.3.7, it is possible to inject arbitrary shell commands through a crafted package name in the package information functionality.
* **CVE-2023-46455:** In GL.iNET GL-AR300M routers with firmware v4.3.7, it is possible to write arbitrary files through a path traversal attack in the OpenVPN client file upload functionality.
* **CVE-2023-46456:** In GL.iNET GL-AR300M routers with firmware v3.216, it is possible to inject arbitrary shell commands through the OpenVPN client file upload functionality.