Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2026/06/09 2:58 p.m.14 views

CVE-2026-11505

A flaw has been found in GL.iNet A1300, AX1800, AXT1800, MT2500, MT3000, MT6000, X3000 and XE3000 4.8.x. This affects an unknown function of the component glnassys. Executing a manipulation can lead to use of hard-coded cryptographic key . The attack may be launched remotely. The attack requires ...

5CVSS5AI score0.00197EPSS
Exploits0References1
CVE
CVE
added 2026/05/08 12:0 a.m.18 views

CVE-2023-46453

GL.iNet devices running firmware 4.x (notably 4.3.7 on models such as GL-MT3000, GL-AR300M, GL-B1300, GL-AX1800, GL-AR750S, GL-MT2500, GL-AXT1800, GL-X3000, GL-SFT1200) are affected by CVE-2023-46453, an authentication bypass in the web interface. The root cause involves a vulnerable authenticati...

9.8CVSS5.9AI score0.00764EPSS
Exploits3References1
OSV
OSV
added 2024/10/24 9:15 p.m.5 views

CVE-2024-45262

An issue was discovered on certain GL-iNet devices, including MT6000, MT3000, MT2500, AXT1800, and AX1800 4.6.2. The params parameter in the call method of the /rpc endpoint is vulnerable to arbitrary directory traversal, which enables attackers to execute scripts under any path...

8.8CVSS6AI score0.00647EPSS
Exploits1References1
OSV
OSV
added 2023/05/11 11:15 a.m.4 views

CVE-2023-31473

An issue was discovered on GL.iNet devices before 3.216. There is an arbitrary file write in which an empty file can be created anywhere on the filesystem. This is caused by a command injection vulnerability with a filter applied. Through the software installation feature, it is possible to injec...

4.9CVSS5.9AI score0.03869EPSS
Exploits1References2
OSV
OSV
added 2023/05/11 11:15 a.m.4 views

CVE-2023-31475

An issue was discovered on GL.iNet devices before 3.216. The function guci2get found in libglutil.so has a buffer overflow when an item is requested from a UCI context, and the value is pasted into a char pointer to a buffer without checking the size of the buffer...

9.8CVSS6AI score0.13743EPSS
Exploits1References3
OSV
OSV
added 2023/05/10 3:15 p.m.6 views

CVE-2023-31471

An issue was discovered on GL.iNet devices before 3.216. Through the software installation feature, it is possible to install arbitrary software, such as a reverse shell, because the restrictions on the available package list are limited to client-side verification. It is possible to install...

9.8CVSS7.4AI score0.01053EPSS
Exploits1References2
Rows per page
Query Builder