1 results (0.001 seconds)
CVSS: 8.8EPSS: 0%CPEs: 20EXPL: 0
CVSS: 8.8EPSS: 0%CPEs: 20EXPL: 0CVE-2024-45263
https://notcve.org/view.php?id=CVE-2024-45263
24 Oct 2024 — An issue was discovered on certain GL-iNet devices, including MT6000, MT3000, MT2500, AXT1800, and AX1800 4.6.2. The upload interface allows the uploading of arbitrary files to the device. Once the device executes the files, it can lead to information leakage, enabling complete control. • https://github.com/gl-inet/CVE-issues/blob/main/4.0.0/Arbitrary%20File%20Upload%20to%20ovpn_upload%20via%20Upload%20Interface.md • CWE-434: Unrestricted Upload of File with Dangerous Type •