CVE-2024-39225
Severity Score
9.8
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
Attend
*SSVC
Descriptions
GL-iNet products AR750/AR750S/AR300M/AR300M16/MT300N-V2/B1300/MT1300/SFT1200/X750 v4.3.11, MT3000/MT2500/AXT1800/AX1800/A1300/X300B v4.5.16, XE300 v4.3.16, E750 v4.3.12, AP1300/S1300 v4.3.13, and XE3000/X3000 v4.4 were discovered to contain a remote code execution (RCE) vulnerability.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:Attend
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2024-06-21 CVE Reserved
- 2024-08-06 CVE Published
- 2024-08-13 EPSS Updated
- 2024-08-15 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-307: Improper Restriction of Excessive Authentication Attempts
CAPEC
References (2)
| URL | Tag | Source |
|---|---|---|
| http://ar750ar750sar300mar300m16mt300n-v2b1300mt1300sft1200x750.com | ||
| https://github.com/gl-inet/CVE-issues/blob/main/4.0.0/Bypass%20the%20login%20mechanism.md |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Gl-inet Search vendor "Gl-inet" | A1300 Firmware Search vendor "Gl-inet" for product "A1300 Firmware" | * | - |
Affected
| ||||||
| Gl-inet Search vendor "Gl-inet" | Ap1300 Firmware Search vendor "Gl-inet" for product "Ap1300 Firmware" | * | - |
Affected
| ||||||
| Gl-inet Search vendor "Gl-inet" | Ar300m16 Firmware Search vendor "Gl-inet" for product "Ar300m16 Firmware" | * | - |
Affected
| ||||||
| Gl-inet Search vendor "Gl-inet" | Ar300m Firmware Search vendor "Gl-inet" for product "Ar300m Firmware" | * | - |
Affected
| ||||||
| Gl-inet Search vendor "Gl-inet" | Ar750 Firmware Search vendor "Gl-inet" for product "Ar750 Firmware" | * | - |
Affected
| ||||||
| Gl-inet Search vendor "Gl-inet" | Ar750s Firmware Search vendor "Gl-inet" for product "Ar750s Firmware" | * | - |
Affected
| ||||||
| Gl-inet Search vendor "Gl-inet" | Ax1800 Firmware Search vendor "Gl-inet" for product "Ax1800 Firmware" | * | - |
Affected
| ||||||
| Gl-inet Search vendor "Gl-inet" | Axt1800 Firmware Search vendor "Gl-inet" for product "Axt1800 Firmware" | * | - |
Affected
| ||||||
| Gl-inet Search vendor "Gl-inet" | B1300 Firmware Search vendor "Gl-inet" for product "B1300 Firmware" | * | - |
Affected
| ||||||
| Gl-inet Search vendor "Gl-inet" | B2200 Firmware Search vendor "Gl-inet" for product "B2200 Firmware" | * | - |
Affected
| ||||||
| Gl-inet Search vendor "Gl-inet" | E750 Firmware Search vendor "Gl-inet" for product "E750 Firmware" | * | - |
Affected
| ||||||
| Gl-inet Search vendor "Gl-inet" | Mt1300 Firmware Search vendor "Gl-inet" for product "Mt1300 Firmware" | * | - |
Affected
| ||||||
| Gl-inet Search vendor "Gl-inet" | Mt2500 Firmware Search vendor "Gl-inet" for product "Mt2500 Firmware" | * | - |
Affected
| ||||||
| Gl-inet Search vendor "Gl-inet" | Mt3000 Firmware Search vendor "Gl-inet" for product "Mt3000 Firmware" | * | - |
Affected
| ||||||
| Gl-inet Search vendor "Gl-inet" | Mt300n-v2 Firmware Search vendor "Gl-inet" for product "Mt300n-v2 Firmware" | * | - |
Affected
| ||||||
| Gl-inet Search vendor "Gl-inet" | Mt6000 Firmware Search vendor "Gl-inet" for product "Mt6000 Firmware" | * | - |
Affected
| ||||||
| Gl-inet Search vendor "Gl-inet" | Mv1000 Firmware Search vendor "Gl-inet" for product "Mv1000 Firmware" | * | - |
Affected
| ||||||
| Gl-inet Search vendor "Gl-inet" | Mv1000w Firmware Search vendor "Gl-inet" for product "Mv1000w Firmware" | * | - |
Affected
| ||||||
| Gl-inet Search vendor "Gl-inet" | N300 Firmware Search vendor "Gl-inet" for product "N300 Firmware" | * | - |
Affected
| ||||||
| Gl-inet Search vendor "Gl-inet" | S1300 Firmware Search vendor "Gl-inet" for product "S1300 Firmware" | * | - |
Affected
| ||||||
| Gl-inet Search vendor "Gl-inet" | Sf1200 Firmware Search vendor "Gl-inet" for product "Sf1200 Firmware" | * | - |
Affected
| ||||||
| Gl-inet Search vendor "Gl-inet" | Sft1200 Firmware Search vendor "Gl-inet" for product "Sft1200 Firmware" | * | - |
Affected
| ||||||
| Gl-inet Search vendor "Gl-inet" | Usb150 Firmware Search vendor "Gl-inet" for product "Usb150 Firmware" | * | - |
Affected
| ||||||
| Gl-inet Search vendor "Gl-inet" | X3000 Firmware Search vendor "Gl-inet" for product "X3000 Firmware" | * | - |
Affected
| ||||||
| Gl-inet Search vendor "Gl-inet" | X300b Firmware Search vendor "Gl-inet" for product "X300b Firmware" | * | - |
Affected
| ||||||
| Gl-inet Search vendor "Gl-inet" | X750 Firmware Search vendor "Gl-inet" for product "X750 Firmware" | * | - |
Affected
| ||||||
| Gl-inet Search vendor "Gl-inet" | Xe3000 Firmware Search vendor "Gl-inet" for product "Xe3000 Firmware" | * | - |
Affected
| ||||||
| Gl-inet Search vendor "Gl-inet" | Xe300 Firmware Search vendor "Gl-inet" for product "Xe300 Firmware" | * | - |
Affected
| ||||||