CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

66 matches found

Positive Technologies•added 2026/04/09 12:0 a.m.•3 views

PT-2026-31635

A security flaw has been discovered in GL.iNet GL-RM1, GL-RM10, GL-RM10RC and GL-RM1PE 1.8.1. Affected by this issue is some unknown functionality of the component Factory Reset Handler. Performing a manipulation results in improper authentication. The attack can be initiated remotely. The...

7.5CVSS5.2AI score0.00149EPSS

Exploits0References6

RedhatCVE•added 2026/01/09 12:37 p.m.•7 views

CVE-2023-50922

An issue was discovered on GL.iNet devices through 4.5.0. Attackers who are able to steal the AdminToken cookie can execute arbitrary code by uploading a crontab-formatted file to a specific directory and waiting for its execution. This affects A1300 4.4.6, AX1800 4.4.6, AXT1800 4.4.6, MT3000...

7.2CVSS8AI score0.00077EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 12:37 p.m.•8 views

CVE-2023-50445

Shell Injection vulnerability GL.iNet A1300 v4.4.6, AX1800 v4.4.6, AXT1800 v4.4.6, MT3000 v4.4.6, MT2500 v4.4.6, MT6000 v4.5.0, MT1300 v4.3.7, MT300N-V2 v4.3.7, AR750S v4.3.7, AR750 v4.3.7, AR300M v4.3.7, and B1300 v4.3.7., allows local attackers to execute arbitrary code via the getsystemlog and...

7.8CVSS7.9AI score0.03125EPSS

Exploits4References1

RedhatCVE•added 2026/01/09 12:34 p.m.•1 views

CVE-2023-31477

A path traversal issue was discovered on GL.iNet devices before 3.216. Through the file sharing feature, it is possible to share an arbitrary directory, such as /tmp or /etc, because there is no server-side restriction to limit sharing to the USB path...

7.5CVSS7AI score0.00428EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 12:33 p.m.•5 views

CVE-2023-31478

An issue was discovered on GL.iNet devices before 3.216. An API endpoint reveals information about the Wi-Fi configuration, including the SSID and key...

7.5CVSS6.7AI score0.85907EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 12:32 p.m.•2 views

CVE-2023-31474

An issue was discovered on GL.iNet devices before 3.216. Through the software installation feature, it is possible to inject arbitrary parameters in a request to cause opkg to obtain a list of files in a specific directory, by using the regex feature in a package name...

7.5CVSS6.9AI score0.00322EPSS

Exploits1References1