Gl-ax1800 Firmware Security Vulnerabilities and Issues — Gl-ax1800 Firmware CVE List

Lucene search

Gl-inetGl-ax1800 Firmware

16 matches found

CVE•added 2023/05/09 6:15 p.m.•721 views

CVE-2023-31474

An issue was discovered on GL.iNet devices before 3.216. Through the software installation feature, it is possible to inject arbitrary parameters in a request to cause opkg to obtain a list of files in a specific directory, by using the regex feature in a package name.

7.5CVSS7.5AI score0.00207EPSS

CVE•added 2022/10/27 6:15 p.m.•138 views

CVE-2022-31898

gl-inet GL-MT300N-V2 Mango v3.212 and GL-AX1800 Flint v3.214 were discovered to contain multiple command injection vulnerabilities via the ping_addr and trace_addr function parameters.

6.8CVSS7.1AI score0.41602EPSS

CVE•added 2023/12/28 5:15 a.m.•61 views

CVE-2023-50445

Shell Injection vulnerability GL.iNet A1300 v4.4.6, AX1800 v4.4.6, AXT1800 v4.4.6, MT3000 v4.4.6, MT2500 v4.4.6, MT6000 v4.5.0, MT1300 v4.3.7, MT300N-V2 v4.3.7, AR750S v4.3.7, AR750 v4.3.7, AR300M v4.3.7, and B1300 v4.3.7., allows local attackers to execute arbitrary code via the get_system_log and...

7.8CVSS9AI score0.0259EPSS

CVE•added 2023/05/09 6:15 p.m.•60 views

CVE-2023-31472

An issue was discovered on GL.iNet devices before 3.216. There is an arbitrary file write in which an empty file can be created anywhere on the filesystem. This is caused by a command injection vulnerability with a filter applied.

7.5CVSS7.8AI score0.28495EPSS

CVE•added 2023/05/09 11:15 p.m.•56 views

CVE-2023-31478

An issue was discovered on GL.iNet devices before 3.216. An API endpoint reveals information about the Wi-Fi configuration, including the SSID and key.

7.5CVSS7.9AI score0.82164EPSS

CVE•added 2023/05/10 3:15 p.m.•54 views

CVE-2023-31471

An issue was discovered on GL.iNet devices before 3.216. Through the software installation feature, it is possible to install arbitrary software, such as a reverse shell, because the restrictions on the available package list are limited to client-side verification. It is possible to install softwa...

9.8CVSS9.4AI score0.00496EPSS

CVE•added 2024/01/12 8:15 a.m.•52 views

CVE-2023-50919

An issue was discovered on GL.iNet devices before version 4.5.0. There is an NGINX authentication bypass via Lua string pattern matching. This affects A1300 4.4.6, AX1800 4.4.6, AXT1800 4.4.6, MT3000 4.4.6, MT2500 4.4.6, MT6000 4.5.0, MT1300 4.3.7, MT300N-V2 4.3.7, AR750S 4.3.7, AR750 4.3.7, AR300M...

9.8CVSS9.7AI score0.43736EPSS

CVE•added 2023/05/11 2:15 a.m.•48 views

CVE-2023-31477

A path traversal issue was discovered on GL.iNet devices before 3.216. Through the file sharing feature, it is possible to share an arbitrary directory, such as /tmp or /etc, because there is no server-side restriction to limit sharing to the USB path.

7.5CVSS7.6AI score0.00236EPSS

CVE•added 2024/01/03 8:15 a.m.•47 views

CVE-2023-50922

An issue was discovered on GL.iNet devices through 4.5.0. Attackers who are able to steal the AdminToken cookie can execute arbitrary code by uploading a crontab-formatted file to a specific directory and waiting for its execution. This affects A1300 4.4.6, AX1800 4.4.6, AXT1800 4.4.6, MT3000 4.4.6...

7.2CVSS7.4AI score0.00077EPSS

CVE•added 2023/05/11 11:15 a.m.•40 views

CVE-2023-31473

4.9CVSS5.5AI score0.01621EPSS

CVE•added 2023/05/11 11:15 a.m.•39 views

CVE-2023-31475

An issue was discovered on GL.iNet devices before 3.216. The function guci2_get() found in libglutil.so has a buffer overflow when an item is requested from a UCI context, and the value is pasted into a char pointer to a buffer without checking the size of the buffer.

9.8CVSS9.6AI score0.26746EPSS

CVE•added 2024/01/03 9:15 a.m.•37 views

CVE-2023-50921

An issue was discovered on GL.iNet devices through 4.5.0. Attackers can invoke the add_user interface in the system module to gain root privileges. This affects A1300 4.4.6, AX1800 4.4.6, AXT1800 4.4.6, MT3000 4.4.6, MT2500 4.4.6, MT6000 4.5.0, MT1300 4.3.7, MT300N-V2 4.3.7, AR750S 4.3.7, AR750 4.3...

9.8CVSS9.5AI score0.00084EPSS

CVE•added 2024/01/12 8:15 a.m.•28 views

CVE-2023-50920

An issue was discovered on GL.iNet devices before version 4.5.0. They assign the same session ID after each user reboot, allowing attackers to share session identifiers between different sessions and bypass authentication or access control measures. Attackers can impersonate legitimate users or per...

5.5CVSS5.7AI score0.00011EPSS

CVE•added 2023/11/29 5:15 a.m.•26 views

CVE-2023-47462

Insecure Permissions vulnerability in GL.iNet AX1800 v.3.215 and before allows a remote attacker to execute arbitrary code via the file sharing function.

9.8CVSS9.5AI score0.03405EPSS

CVE•added 2023/11/30 5:15 a.m.•26 views

CVE-2023-47463

Insecure Permissions vulnerability in GL.iNet AX1800 version 4.0.0 before 4.5.0 allows a remote attacker to execute arbitrary code via a crafted script to the gl_nas_sys authentication function.

9.8CVSS9.6AI score0.04462EPSS

CVE•added 2023/11/30 5:15 a.m.•25 views

CVE-2023-47464

Insecure Permissions vulnerability in GL.iNet AX1800 version 4.0.0 before 4.5.0 allows a remote attacker to execute arbitrary code via the upload API function.

8.8CVSS8.8AI score0.64254EPSS