GL.iNet devices Security Vulnerabilities

GL.iNet devices are a series of hardware devices from China's Guanglian Zhitong GL.iNet company. A security vulnerability exists in GL.iNet devices v.3.215 and earlier versions, which stems from a misconfiguration of privileges that could allow an attacker to execute arbitrary code via the file...

CVE-2023-33621

GL.iNET GL-AR750S-Ext firmware v3.215 inserts the admin authentication token into a GET request when the OpenVPN Server config file is downloaded. The token is then left in the browser history or access logs, potentially allowing attackers to bypass authentication via session replay...

GL.iNet GL-AR750S-Ext 安全漏洞

The GL.iNet GL-AR750S-Ext is a wireless router from China's Guanglian Zhitong GL.iNet. A security vulnerability exists in the GL.iNet GL-AR750S-Ext version 3.215, which originates from the insertion of an administrator authentication token into a GET request when downloading the OpenVPN server...

GL.iNet GL-AR750S-Ext 安全漏洞

The GL.iNet GL-AR750S-Ext is a wireless router from China's GL.iNet. A security vulnerability exists in the GL.iNet GL-AR750S-Ext version 3.215. An attacker exploited the vulnerability to eavesdrop on communications via a man-in-the-middle attack...