Lucene search
+L

68 matches found

Cvelist
Cvelist
added 2025/04/26 7:0 a.m.34 views

CVE-2025-2811 GL.iNet GL-A1300 Slate Plus API redos

A vulnerability was found in GL.iNet GL-A1300 Slate Plus, GL-AR300M16 Shadow, GL-AR300M Shadow, GL-AR750 Creta, GL-AR750S-EXT Slate, GL-AX1800 Flint, GL-AXT1800 Slate AX, GL-B1300 Convexa-B, GL-B3000 Marble, GL-BE3600 Slate 7, GL-E750, GL-E750V2 Mudi, GL-MT300N-V2 Mango, GL-MT1300 Beryl, GL-MT250...

6.9CVSS0.00361EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/04/26 12:0 a.m.4 views

PT-2025-17954 · Gl.Inet · Gl-A1300 Slate Plus +22

Name of the Vulnerable Software and Affected Versions: GL.iNet GL-A1300 Slate Plus version 4.x GL.iNet GL-AR300M16 Shadow version 4.x GL.iNet GL-AR300M Shadow version 4.x GL.iNet GL-AR750 Creta version 4.x GL.iNet GL-AR750S-EXT Slate version 4.x GL.iNet GL-AX1800 Flint version 4.x GL.iNet...

6.9CVSS5.5AI score0.00361EPSS
Exploits0References12
Positive Technologies
Positive Technologies
added 2025/04/26 12:0 a.m.7 views

PT-2025-17958 · Gl.Inet · Gl-A1300 Slate Plus +22

Name of the Vulnerable Software and Affected Versions: GL.iNet GL-A1300 Slate Plus version 4.x GL.iNet GL-AR300M16 Shadow version 4.x GL.iNet GL-AR300M Shadow version 4.x GL.iNet GL-AR750 Creta version 4.x GL.iNet GL-AR750S-EXT Slate version 4.x GL.iNet GL-AX1800 Flint version 4.x GL.iNet...

8.6CVSS7.9AI score0.00404EPSS
Exploits0References11
CNNVD
CNNVD
added 2024/10/24 12:0 a.m.9 views

GL.iNet多款产品 安全漏洞

GL.iNet MT3000 and others are products of China's GL.iNet GL.iNet.GL.iNet MT3000 is an AX3000 portable router that uses the Wi-Fi 6 protocol.GL.iNet AX1800 is a wireless router.GL.iNet AXT1800 is a router. A security vulnerability exists in several GL.iNet products. An attacker can exploit the...

8.8CVSS7AI score0.00647EPSS
Exploits1References1
CNNVD
CNNVD
added 2024/08/26 12:0 a.m.5 views

GL.iNet多款产品 安全漏洞

GL.iNet MT3000 and others are products of China's GL.iNet GL.iNet.GL.iNet MT3000 is an AX3000 portable router that uses the Wi-Fi 6 protocol.GL.iNet MT6000 is a router.GL.iNet XE3000 is an intelligent router. A security vulnerability exists in several GL.iNet products. The vulnerability stems fro...

7.5CVSS6.7AI score0.00431EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/08/06 12:0 a.m.5 views

GL.iNet多款产品 操作系统命令注入漏洞

GL.iNet AR750S and others are products of China's Guanglian Intelligent Communication GL.iNet company.GL.iNet AR750S is a router.GL.iNet AR750 is a router.GL.iNet AR300M is a router. An operating system command injection vulnerability exists in several GL.iNet products, which stems from a shell...

9.8CVSS7.5AI score0.00662EPSS
Exploits1References3
CNNVD
CNNVD
added 2024/08/06 12:0 a.m.5 views

GL.iNet多款产品 路径遍历漏洞

GL.iNet MT300N-V2 and others are products of China's GL.iNet. GL.iNet MT300N-V2 is a mini router. GL.iNet AR750 is a router. GL.iNet AR300M is a router. A path traversal vulnerability exists in various GL.iNet products, which originates from an insecure privilege in the /cgi-bin/glc interface. Th...

9.8CVSS6.8AI score0.20561EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2024/01/12 12:0 a.m.6 views

CVE-2023-50919

An issue was discovered on GL.iNet devices before version 4.5.0. There is an NGINX authentication bypass via Lua string pattern matching. This affects A1300 4.4.6, AX1800 4.4.6, AXT1800 4.4.6, MT3000 4.4.6, MT2500 4.4.6, MT6000 4.5.0, MT1300 4.3.7, MT300N-V2 4.3.7, AR750S 4.3.7, AR750 4.3.7, AR30...

9.8AI score0.47804EPSS
Exploits4References2
Vulnrichment
Vulnrichment
added 2024/01/03 12:0 a.m.4 views

CVE-2023-50921

An issue was discovered on GL.iNet devices through 4.5.0. Attackers can invoke the adduser interface in the system module to gain root privileges. This affects A1300 4.4.6, AX1800 4.4.6, AXT1800 4.4.6, MT3000 4.4.6, MT2500 4.4.6, MT6000 4.5.0, MT1300 4.3.7, MT300N-V2 4.3.7, AR750S 4.3.7, AR750...

7.5AI score0.00519EPSS
Exploits0References1
OSV
OSV
added 2023/12/28 5:15 a.m.6 views

CVE-2023-50445

Shell Injection vulnerability GL.iNet A1300 v4.4.6, AX1800 v4.4.6, AXT1800 v4.4.6, MT3000 v4.4.6, MT2500 v4.4.6, MT6000 v4.5.0, MT1300 v4.3.7, MT300N-V2 v4.3.7, AR750S v4.3.7, AR750 v4.3.7, AR300M v4.3.7, and B1300 v4.3.7., allows local attackers to execute arbitrary code via the getsystemlog and...

7.8CVSS6.1AI score0.09123EPSS
Exploits4References2
CNNVD
CNNVD
added 2023/11/29 12:0 a.m.5 views

GL.iNet devices Security Vulnerabilities

GL.iNet devices are a series of hardware devices from China's Guanglian Zhitong GL.iNet company. A security vulnerability exists in GL.iNet devices v.3.215 and earlier versions, which stems from a misconfiguration of privileges that could allow an attacker to execute arbitrary code via the file...

9.8CVSS7.6AI score0.01287EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2023/05/11 12:0 a.m.13 views

CVE-2023-31473

An issue was discovered on GL.iNet devices before 3.216. There is an arbitrary file write in which an empty file can be created anywhere on the filesystem. This is caused by a command injection vulnerability with a filter applied. Through the software installation feature, it is possible to injec...

5.5AI score0.03869EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2023/05/11 12:0 a.m.11 views

CVE-2023-31475

An issue was discovered on GL.iNet devices before 3.216. The function guci2get found in libglutil.so has a buffer overflow when an item is requested from a UCI context, and the value is pasted into a char pointer to a buffer without checking the size of the buffer...

9.7AI score0.13743EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2023/05/11 12:0 a.m.14 views

PT-2023-23356 · Gl.Inet · Gl.Inet

Name of the Vulnerable Software and Affected Versions: GL.iNet devices versions prior to 3.216 Description: A path traversal issue was discovered, allowing the sharing of arbitrary directories, such as /tmp or /etc, through the file sharing feature due to the lack of server-side restrictions...

7.5CVSS7.7AI score0.0094EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2023/05/11 12:0 a.m.10 views

CVE-2023-31477

A path traversal issue was discovered on GL.iNet devices before 3.216. Through the file sharing feature, it is possible to share an arbitrary directory, such as /tmp or /etc, because there is no server-side restriction to limit sharing to the USB path...

7.6AI score0.0094EPSS
Exploits1References2
Prion
Prion
added 2023/05/10 3:15 p.m.17 views

Information disclosure

An issue was discovered on GL.iNet devices before 3.216. Through the software installation feature, it is possible to install arbitrary software, such as a reverse shell, because the restrictions on the available package list are limited to client-side verification. It is possible to install...

7.5CVSS9.4AI score0.01053EPSS
Exploits1References2Affected Software32
Vulnrichment
Vulnrichment
added 2023/05/10 12:0 a.m.10 views

CVE-2023-31471

An issue was discovered on GL.iNet devices before 3.216. Through the software installation feature, it is possible to install arbitrary software, such as a reverse shell, because the restrictions on the available package list are limited to client-side verification. It is possible to install...

9.6AI score0.01053EPSS
Exploits1References2
NVD
NVD
added 2023/05/09 11:15 p.m.27 views

CVE-2023-31478

An issue was discovered on GL.iNet devices before 3.216. An API endpoint reveals information about the Wi-Fi configuration, including the SSID and key...

7.5CVSS7.5AI score0.29699EPSS
Exploits1References2
CNNVD
CNNVD
added 2023/05/09 12:0 a.m.7 views

GL.iNet devices 命令注入漏洞

GL.iNet devices are a series of hardware devices from China's Guanglian Zhitong GL.iNet company. A command injection vulnerability exists in GL.iNet devices prior to version 3.216, which stems from an arbitrary file write vulnerability that can create an empty file anywhere on the file system...

7.5CVSS7.5AI score0.00804EPSS
Exploits1References4
CNNVD
CNNVD
added 2023/05/09 12:0 a.m.6 views

GL.iNet devices 安全漏洞

GL.iNet devices are a series of hardware devices from China Guanglian Zhitong GL.iNet Company. A security vulnerability exists in GL.iNet devices prior to version 3.216, which originates from the ability to use regular expression functionality in package names via the software installation featur...

7.5CVSS7.5AI score0.00822EPSS
Exploits1References4
Rows per page
Query Builder