Gl-mt3000 Firmware@4.3.7 Security Vulnerabilities and Issues — Gl-mt3000 Firmware@4.3.7 CVE List

Lucene search

Gl-inetGl-mt3000 Firmware4.3.7

2 matches found

CVE•added 2024/01/12 8:15 a.m.•52 views

CVE-2023-50919

An issue was discovered on GL.iNet devices before version 4.5.0. There is an NGINX authentication bypass via Lua string pattern matching. This affects A1300 4.4.6, AX1800 4.4.6, AXT1800 4.4.6, MT3000 4.4.6, MT2500 4.4.6, MT6000 4.5.0, MT1300 4.3.7, MT300N-V2 4.3.7, AR750S 4.3.7, AR750 4.3.7, AR300M...

9.8CVSS9.7AI score0.43736EPSS

CVE•added 2024/01/12 8:15 a.m.•28 views

CVE-2023-50920

An issue was discovered on GL.iNet devices before version 4.5.0. They assign the same session ID after each user reboot, allowing attackers to share session identifiers between different sessions and bypass authentication or access control measures. Attackers can impersonate legitimate users or per...

5.5CVSS5.7AI score0.00011EPSS