Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

X1200 Security Vulnerabilities

cve
cve

CVE-2023-31473

An issue was discovered on GL.iNet devices before 3.216. There is an arbitrary file write in which an empty file can be created anywhere on the filesystem. This is caused by a command injection vulnerability with a filter applied. Through the software installation feature, it is possible to inject....

4.9CVSS

5.5AI Score

0.001EPSS

2023-05-11 11:15 AM
13
cve
cve

CVE-2023-31475

An issue was discovered on GL.iNet devices before 3.216. The function guci2_get() found in libglutil.so has a buffer overflow when an item is requested from a UCI context, and the value is pasted into a char pointer to a buffer without checking the size of the...

9.8CVSS

9.6AI Score

0.002EPSS

2023-05-11 11:15 AM
19
cve
cve

CVE-2023-31477

A path traversal issue was discovered on GL.iNet devices before 3.216. Through the file sharing feature, it is possible to share an arbitrary directory, such as /tmp or /etc, because there is no server-side restriction to limit sharing to the USB...

7.5CVSS

7.6AI Score

0.002EPSS

2023-05-11 02:15 AM
16
cve
cve

CVE-2023-31471

An issue was discovered on GL.iNet devices before 3.216. Through the software installation feature, it is possible to install arbitrary software, such as a reverse shell, because the restrictions on the available package list are limited to client-side verification. It is possible to install...

9.8CVSS

9.4AI Score

0.003EPSS

2023-05-10 03:15 PM
22
cve
cve

CVE-2023-31478

An issue was discovered on GL.iNet devices before 3.216. An API endpoint reveals information about the Wi-Fi configuration, including the SSID and...

7.5CVSS

7.9AI Score

0.002EPSS

2023-05-09 11:15 PM
24
cve
cve

CVE-2023-31472

An issue was discovered on GL.iNet devices before 3.216. There is an arbitrary file write in which an empty file can be created anywhere on the filesystem. This is caused by a command injection vulnerability with a filter...

7.5CVSS

7.8AI Score

0.001EPSS

2023-05-09 06:15 PM
36
cve
cve

CVE-2023-31474

An issue was discovered on GL.iNet devices before 3.216. Through the software installation feature, it is possible to inject arbitrary parameters in a request to cause opkg to obtain a list of files in a specific directory, by using the regex feature in a package...

7.5CVSS

7.5AI Score

0.001EPSS

2023-05-09 06:15 PM
693
cve
cve

CVE-2001-0413

BinTec X4000 Access router, and possibly other versions, allows remote attackers to cause a denial of service via a SYN port scan, which causes the router to...

7.1AI Score

0.013EPSS

2001-09-18 04:00 AM
28