6 matches found
EUVD-2026-20928
A security flaw has been discovered in GL.iNet GL-RM1, GL-RM10, GL-RM10RC and GL-RM1PE 1.8.1. Affected by this issue is some unknown functionality of the component Factory Reset Handler. Performing a manipulation results in improper authentication. The attack can be initiated remotely. The...
CVE-2026-5959
A security flaw has been discovered in GL.iNet GL-RM1, GL-RM10, GL-RM10RC and GL-RM1PE 1.8.1. Affected by this issue is some unknown functionality of the component Factory Reset Handler. Performing a manipulation results in improper authentication. The attack can be initiated remotely. The...
CVE-2026-5959 GL.iNet GL-RM1/GL-RM10/GL-RM10RC/GL-RM1PE Factory Reset improper authentication
A security flaw has been discovered in GL.iNet GL-RM1, GL-RM10, GL-RM10RC and GL-RM1PE 1.8.1. Affected by this issue is some unknown functionality of the component Factory Reset Handler. Performing a manipulation results in improper authentication. The attack can be initiated remotely. The...
CVE-2026-5959
The CVE-2026-5959 entry concerns GL.iNet devices GL-RM1/GL-RM10/GL-RM10RC/GL-RM1PE running 1.8.1, where an issue in the Factory Reset Handler allows remote, improperly authenticated actions. The vulnerability’s attack complexity is high with network access and no user interaction required, and it...
Use of Weak Hash
Overview Affected versions of this package are vulnerable to Use of Weak Hash in the P2SH check during deposit reveal. An attacker can cause protocol insolvency by crafting a transaction that embeds a valid P2SH inside a P2PKH output script, which is incorrectly treated as a valid P2SH output by...
Information Exposure
Overview Affected versions of this package are vulnerable to Information Exposure in the HelloChrome120. An attacker can obtain sensitive information by analyzing TLS fingerprint discrepancies caused by the missing padding extension. Remediation Upgrade github.com/refraction-networking/utls to...