CVSS: 8.8EPSS: 0%CPEs: 20EXPL: 0CVE-2024-45263
https://notcve.org/view.php?id=CVE-2024-45263
24 Oct 2024 — An issue was discovered on certain GL-iNet devices, including MT6000, MT3000, MT2500, AXT1800, and AX1800 4.6.2. The upload interface allows the uploading of arbitrary files to the device. Once the device executes the files, it can lead to information leakage, enabling complete control. • https://github.com/gl-inet/CVE-issues/blob/main/4.0.0/Arbitrary%20File%20Upload%20to%20ovpn_upload%20via%20Upload%20Interface.md • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 10.0EPSS: 0%CPEs: 49EXPL: 0CVE-2024-39227
https://notcve.org/view.php?id=CVE-2024-39227
06 Aug 2024 — GL-iNet products AR750/AR750S/AR300M/AR300M16/MT300N-V2/B1300/MT1300/SFT1200/X750 v4.3.11, MT3000/MT2500/AXT1800/AX1800/A1300/X300B v4.5.16, XE300 v4.3.16, E750 v4.3.12, AP1300/S1300 v4.3.13, and XE3000/X3000 v4.4 were discovered to contain a shell injection vulnerability via the interface check_ovpn_client_config. GL-iNet products AR750/AR750S/AR300M/AR300M16/MT300N-V2/B1300/MT1300/SFT1200/X750 v4.3.11, MT3000/MT2500/AXT1800/AX1800/A1300/X300B v4.5.16, XE300 v4.3.16, E750 v4.3.12, AP1300/S1300 v4.3.13, and... • http://ar750ar750sar300mar300m16mt300n-v2b1300mt1300sft1200x750.com • CWE-75: Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) •
CVSS: 10.0EPSS: 0%CPEs: 29EXPL: 0CVE-2024-39228
https://notcve.org/view.php?id=CVE-2024-39228
06 Aug 2024 — GL-iNet products AR750/AR750S/AR300M/AR300M16/MT300N-V2/B1300/MT1300/SFT1200/X750 v4.3.11, MT3000/MT2500/AXT1800/AX1800/A1300/X300B v4.5.16, XE300 v4.3.16, E750 v4.3.12, AP1300/S1300 v4.3.13, XE3000/X3000 v4, and B2200/MV1000/MV1000W/USB150/N300/SF1200 v3.216 were discovered to contain a shell injection vulnerability via the interface check_config. GL-iNet products AR750/AR750S/AR300M/AR300M16/MT300N-V2/B1300/MT1300/SFT1200/X750 v4.3.11, MT3000/MT2500/AXT1800/AX1800/A1300/X300B v4.5.16, XE300 v4.3.16, E750 ... • http://ar750ar750sar300mar300m16mt300n-v2b1300mt1300sft1200x750.com • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 5.5EPSS: 0%CPEs: 36EXPL: 1CVE-2023-50920
https://notcve.org/view.php?id=CVE-2023-50920
12 Jan 2024 — An issue was discovered on GL.iNet devices before version 4.5.0. They assign the same session ID after each user reboot, allowing attackers to share session identifiers between different sessions and bypass authentication or access control measures. Attackers can impersonate legitimate users or perform unauthorized actions. This affects A1300 4.4.6, AX1800 4.4.6, AXT1800 4.4.6, MT3000 4.4.6, MT2500 4.4.6, MT6000 4.5.0, MT1300 4.3.7, MT300N-V2 4.3.7, AR750S 4.3.7, AR750 4.3.7, AR300M 4.3.7, and B1300 4.3.7. ... • https://github.com/gl-inet/CVE-issues/blob/main/4.0.0/Authentication-bypass-seesion-ID.md • CWE-384: Session Fixation •
CVSS: 10.0EPSS: 0%CPEs: 36EXPL: 1CVE-2023-50919 – GL.iNet Unauthenticated Remote Command Execution
https://notcve.org/view.php?id=CVE-2023-50919
12 Jan 2024 — An issue was discovered on GL.iNet devices before version 4.5.0. There is an NGINX authentication bypass via Lua string pattern matching. This affects A1300 4.4.6, AX1800 4.4.6, AXT1800 4.4.6, MT3000 4.4.6, MT2500 4.4.6, MT6000 4.5.0, MT1300 4.3.7, MT300N-V2 4.3.7, AR750S 4.3.7, AR750 4.3.7, AR300M 4.3.7, and B1300 4.3.7. Se descubrió un problema en dispositivos GL.iNet anteriores a la versión 4.5.0. Existe una omisión de autenticación NGINX mediante la coincidencia de patrones de cadenas Lua. • http://packetstormsecurity.com/files/176708/GL.iNet-Unauthenticated-Remote-Command-Execution.html • CWE-287: Improper Authentication •
CVSS: 8.3EPSS: 0%CPEs: 24EXPL: 1CVE-2023-50922
https://notcve.org/view.php?id=CVE-2023-50922
03 Jan 2024 — An issue was discovered on GL.iNet devices through 4.5.0. Attackers who are able to steal the AdminToken cookie can execute arbitrary code by uploading a crontab-formatted file to a specific directory and waiting for its execution. This affects A1300 4.4.6, AX1800 4.4.6, AXT1800 4.4.6, MT3000 4.4.6, MT2500 4.4.6, MT6000 4.5.0, MT1300 4.3.7, MT300N-V2 4.3.7, AR750S 4.3.7, AR750 4.3.7, AR300M 4.3.7, and B1300 4.3.7. Se descubrió un problema en dispositivos GL.iNet hasta 4.5.0. Los atacantes que pueden robar l... • https://github.com/gl-inet/CVE-issues/blob/main/4.0.0/Remote%20code%20execution%20due%20to%20gl_crontabs.md • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 10.0EPSS: 0%CPEs: 24EXPL: 0CVE-2023-50921
https://notcve.org/view.php?id=CVE-2023-50921
03 Jan 2024 — An issue was discovered on GL.iNet devices through 4.5.0. Attackers can invoke the add_user interface in the system module to gain root privileges. This affects A1300 4.4.6, AX1800 4.4.6, AXT1800 4.4.6, MT3000 4.4.6, MT2500 4.4.6, MT6000 4.5.0, MT1300 4.3.7, MT300N-V2 4.3.7, AR750S 4.3.7, AR750 4.3.7, AR300M 4.3.7, and B1300 4.3.7. Se descubrió un problema en dispositivos GL.iNet hasta 4.5.0. Los atacantes pueden invocar la interfaz add_user en el módulo de system para obtener privilegios de root. • https://github.com/gl-inet/CVE-issues/blob/main/4.0.0/Add_user_vulnerability.md •
CVSS: 7.8EPSS: 0%CPEs: 24EXPL: 1CVE-2023-50445 – GL.iNet Unauthenticated Remote Command Execution
https://notcve.org/view.php?id=CVE-2023-50445
28 Dec 2023 — Shell Injection vulnerability GL.iNet A1300 v4.4.6, AX1800 v4.4.6, AXT1800 v4.4.6, MT3000 v4.4.6, MT2500 v4.4.6, MT6000 v4.5.0, MT1300 v4.3.7, MT300N-V2 v4.3.7, AR750S v4.3.7, AR750 v4.3.7, AR300M v4.3.7, and B1300 v4.3.7., allows local attackers to execute arbitrary code via the get_system_log and get_crash_log functions of the logread module, as well as the upgrade_online function of the upgrade module. Vulnerabilidad de inyección de Shell GL.iNet A1300 v4.4.6 AX1800 v4.4.6 AXT1800 v4.4.6 MT3000 v4.4.6 MT... • http://packetstormsecurity.com/files/176708/GL.iNet-Unauthenticated-Remote-Command-Execution.html • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 1CVE-2023-46454 – GL.iNet AR300M 4.3.7 Remote Code Execution
https://notcve.org/view.php?id=CVE-2023-46454
12 Dec 2023 — In GL.iNET GL-AR300M routers with firmware v4.3.7, it is possible to inject arbitrary shell commands through a crafted package name in the package information functionality. En los routers GL.iNET GL-AR300M con firmware v4.3.7, es posible inyectar comandos de shell arbitrarios a través de un nombre de paquete manipulado en la funcionalidad de información del paquete. GL.iNet AR300M versions 4.3.7 and below suffer from an OpenVPN client related remote code execution vulnerability. • https://github.com/cyberaz0r/GL.iNet-Multiple-Vulnerabilities • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2023-46456 – GL.iNet AR300M 3.216 Remote Code Execution
https://notcve.org/view.php?id=CVE-2023-46456
12 Dec 2023 — In GL.iNET GL-AR300M routers with firmware 3.216 it is possible to inject arbitrary shell commands through the OpenVPN client file upload functionality. En los routers GL.iNET GL-AR300M con firmware 3.216 es posible inyectar comandos de shell arbitrarios a través de la funcionalidad de carga de archivos del cliente OpenVPN. GL.iNet AR300M versions 3.216 and below suffer from an OpenVPN client related remote code execution vulnerability. • https://cyberaz0r.info/2023/11/glinet-multiple-vulnerabilities • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •