CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

68 matches found

Vulnrichment•added 2026/06/08 10:15 a.m.•5 views

CVE-2026-11505 GL.iNet XE3000 glnassys hard-coded key

A flaw has been found in GL.iNet A1300, AX1800, AXT1800, MT2500, MT3000, MT6000, X3000 and XE3000 4.8.x. This affects an unknown function of the component glnassys. Executing a manipulation can lead to use of hard-coded cryptographic key . The attack may be launched remotely. The attack requires ...

5CVSS5.2AI score0.0019EPSS

Exploits0References6

Positive Technologies•added 2026/06/08 12:0 a.m.•7 views

PT-2026-47268

5CVSS5.2AI score0.0019EPSS

Exploits0References7

Positive Technologies•added 2026/04/09 12:0 a.m.•3 views

PT-2026-31635

A security flaw has been discovered in GL.iNet GL-RM1, GL-RM10, GL-RM10RC and GL-RM1PE 1.8.1. Affected by this issue is some unknown functionality of the component Factory Reset Handler. Performing a manipulation results in improper authentication. The attack can be initiated remotely. The...

7.5CVSS5.2AI score0.00509EPSS

Exploits0References6

RedhatCVE•added 2026/01/09 12:37 p.m.•9 views

CVE-2023-50922

An issue was discovered on GL.iNet devices through 4.5.0. Attackers who are able to steal the AdminToken cookie can execute arbitrary code by uploading a crontab-formatted file to a specific directory and waiting for its execution. This affects A1300 4.4.6, AX1800 4.4.6, AXT1800 4.4.6, MT3000...

7.2CVSS8AI score0.00861EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 12:37 p.m.•9 views

CVE-2023-50445

Shell Injection vulnerability GL.iNet A1300 v4.4.6, AX1800 v4.4.6, AXT1800 v4.4.6, MT3000 v4.4.6, MT2500 v4.4.6, MT6000 v4.5.0, MT1300 v4.3.7, MT300N-V2 v4.3.7, AR750S v4.3.7, AR750 v4.3.7, AR300M v4.3.7, and B1300 v4.3.7., allows local attackers to execute arbitrary code via the getsystemlog and...

7.8CVSS7.9AI score0.09123EPSS

Exploits4References1

RedhatCVE•added 2026/01/09 12:34 p.m.•3 views

CVE-2023-31477

A path traversal issue was discovered on GL.iNet devices before 3.216. Through the file sharing feature, it is possible to share an arbitrary directory, such as /tmp or /etc, because there is no server-side restriction to limit sharing to the USB path...

7.5CVSS7AI score0.0094EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 12:33 p.m.•7 views

CVE-2023-31478

An issue was discovered on GL.iNet devices before 3.216. An API endpoint reveals information about the Wi-Fi configuration, including the SSID and key...

7.5CVSS6.7AI score0.29699EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 12:32 p.m.•4 views

CVE-2023-31474

An issue was discovered on GL.iNet devices before 3.216. Through the software installation feature, it is possible to inject arbitrary parameters in a request to cause opkg to obtain a list of files in a specific directory, by using the regex feature in a package name...

7.5CVSS6.9AI score0.00822EPSS

Exploits1References1