14 matches found
PT-2026-49110
Name of the Vulnerable Software and Affected Versions GL.iNet GL-MT3000 versions prior to 4.7 Description An issue in the Online Firmware Upgrade Handler component allows for remote command injection via the /usr/bin/one click upgrade file. Command injection is a flaw that allows an attacker to...
CVE-2026-11447
A security flaw has been discovered in GL.iNet GL-MT3000 up to 4.4.5. Impacted is the function iwinfobackend of the file iwinfo.so of the component MTK Backend. The manipulation of the argument device results in command injection. The attack can be executed remotely. The exploit has been released...
EUVD-2026-34981
A vulnerability was detected in GL.iNet GL-MT3000 4.4.5. This affects the function dlopen in the library /usr/lib/oui-httpd/rpc/ of the component Path Normalization Handler. Performing a manipulation of the argument devname results in command injection. It is possible to initiate the attack...
PT-2026-47169
A weakness has been identified in GL.iNet GL-MT3000 up to 4.4.5. The affected element is the function realpath of the file /rpc of the component Minidlna Service. This manipulation of the argument kube. set causes command injection. The attack is possible to be carried out remotely. Upgrading to...
GL.iNet GL-MT3000 命令注入漏洞
GL.iNet GL-MT3000 is a portable travel router from the company GL.iNet, which supports Wi-Fi 6 and VPN functions. Versions of GL.iNet GL-MT3000 with a version number of 4.4.5 or earlier have a command injection vulnerability. This vulnerability stems from the incorrect handling of the parameter...
GL-iNet GL-AR300M16 安全漏洞
GL-iNet GL-AR300M16 is a portable mini router produced by the Chinese company GL-iNet. The GL-iNet GL-AR300M16 v4.3.11 version contains a security vulnerability. This vulnerability stems from the string port parameter in the enableechoserver function, which allows for command injection, potential...
GL-iNet GL-AR300M16 安全漏洞
GL-iNet GL-AR300M16 is a portable mini router produced by the Chinese company GL-iNet. The GL-iNet GL-AR300M16 v4.3.11 version contains a security vulnerability. This vulnerability stems from a command injection vulnerability in the setconfig function, which may allow for the execution of arbitra...
CVE-2025-67089
A command injection vulnerability exists in the GL-iNet GL-AXT1800 router firmware v4.6.8. The vulnerability is present in the plugins.installpackage RPC method, which fails to properly sanitize user input in package names. Authenticated attackers can exploit this to execute arbitrary commands wi...
CVE-2025-67089
A command injection vulnerability exists in the GL-iNet GL-AXT1800 router firmware v4.6.8. The vulnerability is present in the plugins.installpackage RPC method, which fails to properly sanitize user input in package names. Authenticated attackers can exploit this to execute arbitrary commands wi...
GL.iNet Router 安全漏洞
GL.iNet Router is a series of routers from China's Guanglian Zhitong GL.iNet company. A security vulnerability exists in GL.iNet Router that originates from a buffer overflow in the plugins.so file of the RPC Handler component...
GL.iNet多款产品 安全漏洞
GL.iNet AX1800 and others are products of China Guanglian Zhitong GL.iNet company.GL.iNet AX1800 is a wireless router.GL.iNet AXT1800 is a router.GL.iNet MT6000 is a router.GL.iNet AXT1800 is a router.GL.iNet MT6000 is a router.GL.iNet MT6000 is a router. A security vulnerability exists in severa...
GL.iNet Router Security Vulnerability
GL.iNet Router is a series of routers from China's Guanglian Zhitong GL.iNet. A security vulnerability exists in the GL.iNet Router 4.x firmware version, which originated from a vulnerability that allows an attacker to bypass authentication and gain access to the router's web interface...
GL.iNet GL-AR750S-Ext 安全漏洞
The GL.iNet GL-AR750S-Ext is a wireless router from China's Guanglian Zhitong GL.iNet. A security vulnerability exists in the GL.iNet GL-AR750S-Ext version 3.215, which originates from the insertion of an administrator authentication token into a GET request when downloading the OpenVPN server...
GL.iNet GL-AR750S-Ext 安全漏洞
The GL.iNet GL-AR750S-Ext is a wireless router from China's GL.iNet. A security vulnerability exists in the GL.iNet GL-AR750S-Ext version 3.215. An attacker exploited the vulnerability to eavesdrop on communications via a man-in-the-middle attack...