EUVD-2023-50669

Certain GL.iNet devices with 4.x firmware allow authentication bypass resulting in administrative control of the device via a username that is both a valid SQL statement and a valid regular expression. For example, this affects version 4.3.7 on GL-MT3000 GL-AR300M GL-B1300 GL-AX1800 GL-AR750S...

CVE-2022-31898

gl-inet GL-MT300N-V2 Mango v3.212 and GL-AX1800 Flint v3.214 were discovered to contain multiple command injection vulnerabilities via the pingaddr and traceaddr function parameters...

PT-2025-47925

A firmware downgrade vulnerability exists in the OTA Update functionality of GL-Inet GL-AXT1800 4.7.0. A specially crafted .tar file can lead to a firmware downgrade. An attacker can perform a man-in-the-middle attack to trigger this vulnerability...

Exploit for Path Traversal in Gl-Inet Gl-Ax1800_Firmware

GL-AX1800 Router Security Assessment Report Overview This...

PT-2024-2213

Name of the Vulnerable Software and Affected Versions GL.iNet GL-A1300 GL.iNet GL-AX1800 GL.iNet GL-AXT1800 GL.iNet GL-MT3000 GL.iNet GL-MT2500 GL.iNet GL-MT6000 GL.iNet GL-MT1300 GL.iNet GL-MT300N-V2 GL.iNet GL-AR750S GL.iNet GL-AR750 GL.iNet GL-AR300M GL.iNet GL-B1300 Description The issue is...

CVE-2022-31898

gl-inet GL-MT300N-V2 Mango v3.212 and GL-AX1800 Flint v3.214 were discovered to contain multiple command injection vulnerabilities via the pingaddr and traceaddr function parameters...

Command injection

gl-inet GL-MT300N-V2 Mango v3.212 and GL-AX1800 Flint v3.214 were discovered to contain multiple command injection vulnerabilities via the pingaddr and traceaddr function parameters...

CVE-2022-31898

gl-inet GL-MT300N-V2 Mango v3.212 and GL-AX1800 Flint v3.214 were discovered to contain multiple command injection vulnerabilities via the pingaddr and traceaddr function parameters...

CVE-2022-31898

gl-inet GL-MT300N-V2 Mango v3.212 and GL-AX1800 Flint v3.214 were discovered to contain multiple command injection vulnerabilities via the pingaddr and traceaddr function parameters...