Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

9 matches found

EUVD
EUVDadded 2026/05/08 9:31 a.m.13 views

EUVD-2023-50669

Certain GL.iNet devices with 4.x firmware allow authentication bypass resulting in administrative control of the device via a username that is both a valid SQL statement and a valid regular expression. For example, this affects version 4.3.7 on GL-MT3000 GL-AR300M GL-B1300 GL-AX1800 GL-AR750S...

9.8CVSS5.9AI score0.00764EPSS
Exploits3References2
Positive Technologies
Positive Technologiesadded 2024/01/23 12:0 a.m.6 views

PT-2024-2213

Name of the Vulnerable Software and Affected Versions GL.iNet GL-A1300 GL.iNet GL-AX1800 GL.iNet GL-AXT1800 GL.iNet GL-MT3000 GL.iNet GL-MT2500 GL.iNet GL-MT6000 GL.iNet GL-MT1300 GL.iNet GL-MT300N-V2 GL.iNet GL-AR750S GL.iNet GL-AR750 GL.iNet GL-AR300M GL.iNet GL-B1300 Description The issue is...

9.8CVSS5.8AI score0.00764EPSS
Exploits3References12
Prion
Prionadded 2023/06/13 5:15 p.m.9 views

Design/Logic Flaw

GL.iNET GL-AR750S-Ext firmware v3.215 uses an insecure protocol in its communications which allows attackers to eavesdrop via a man-in-the-middle attack...

2.6CVSS5.6AI score0.00709EPSS
Exploits1References3Affected Software1
OSV
OSVadded 2023/06/13 4:15 p.m.2 views

CVE-2023-33621

GL.iNET GL-AR750S-Ext firmware v3.215 inserts the admin authentication token into a GET request when the OpenVPN Server config file is downloaded. The token is then left in the browser history or access logs, potentially allowing attackers to bypass authentication via session replay...

5.9CVSS5.8AI score0.00953EPSS
Exploits1References3
NVD
NVDadded 2023/06/13 4:15 p.m.13 views

CVE-2023-33621

GL.iNET GL-AR750S-Ext firmware v3.215 inserts the admin authentication token into a GET request when the OpenVPN Server config file is downloaded. The token is then left in the browser history or access logs, potentially allowing attackers to bypass authentication via session replay...

5.9CVSS5.9AI score0.00953EPSS
Exploits1References3
Prion
Prionadded 2023/06/13 4:15 p.m.19 views

Authentication flaw

GL.iNET GL-AR750S-Ext firmware v3.215 inserts the admin authentication token into a GET request when the OpenVPN Server config file is downloaded. The token is then left in the browser history or access logs, potentially allowing attackers to bypass authentication via session replay...

2.6CVSS5.9AI score0.00953EPSS
Exploits1References3Affected Software1
CVE
CVEadded 2023/06/13 12:0 a.m.43 views

CVE-2023-33621

CVE-2023-33621 concerns GL.iNET GL-AR750S-Ext firmware v3.215. The OpenVPN Server config file download issue causes the admin authentication token to be inserted into a GET request, leaving the token in browser history or access logs. This could allow a session-replay based bypass of authenticati...

5.9CVSS5.9AI score0.00953EPSS
Exploits1References3Affected Software1
Cvelist
Cvelistadded 2023/06/13 12:0 a.m.17 views

CVE-2023-33620

GL.iNET GL-AR750S-Ext firmware v3.215 uses an insecure protocol in its communications which allows attackers to eavesdrop via a man-in-the-middle attack...

5.8AI score0.00709EPSS
Exploits1References3
Cvelist
Cvelistadded 2023/06/13 12:0 a.m.19 views

CVE-2023-33621

GL.iNET GL-AR750S-Ext firmware v3.215 inserts the admin authentication token into a GET request when the OpenVPN Server config file is downloaded. The token is then left in the browser history or access logs, potentially allowing attackers to bypass authentication via session replay...

6.1AI score0.00953EPSS
Exploits1References3
Rows per page
Query Builder