Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gl-inet gl-ar300m firmware 3.216 vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-46456
In GL.iNET GL-AR300M routers with firmware 3.216 it is possible to inject arbitrary shell commands through the OpenVPN client file upload functionality.
Gl-inet Gl-ar300m Firmware 3.216
1 Github repository
4.9
CVSSv3
CVE-2023-31473
An issue exists on GL.iNet devices prior to 3.216. There is an arbitrary file write in which an empty file can be created anywhere on the filesystem. This is caused by a command injection vulnerability with a filter applied. Through the software installation feature, it is possib...
Gl-inet Gl-s20 Firmware
Gl-inet Gl-x3000 Firmware
Gl-inet Gl-mt3000 Firmware
Gl-inet Gl-mt2500 Firmware
Gl-inet Gl-mt2500a Firmware
Gl-inet Gl-axt1800 Firmware
Gl-inet Gl-a1300 Firmware
Gl-inet Gl-ax1800 Firmware
Gl-inet Gl-sft1200 Firmware
Gl-inet Gl-mt1300 Firmware
Gl-inet Gl-e750 Firmware
Gl-inet Gl-mv1000 Firmware
Gl-inet Gl-mv1000w Firmware
Gl-inet Gl-s10 Firmware
Gl-inet Gl-s200 Firmware
Gl-inet Gl-s1300 Firmware
Gl-inet Gl-sf1200 Firmware
Gl-inet Gl-b1300 Firmware
Gl-inet Gl-b2200 Firmware
Gl-inet Gl-ap1300 Firmware
Gl-inet Gl-ap1300lte Firmware
Gl-inet Gl-x1200 Firmware
9.8
CVSSv3
CVE-2023-31475
An issue exists on GL.iNet devices prior to 3.216. The function guci2_get() found in libglutil.so has a buffer overflow when an item is requested from a UCI context, and the value is pasted into a char pointer to a buffer without checking the size of the buffer.
Gl-inet Gl-s20 Firmware
Gl-inet Gl-x3000 Firmware
Gl-inet Gl-mt3000 Firmware
Gl-inet Gl-mt2500 Firmware
Gl-inet Gl-mt2500a Firmware
Gl-inet Gl-axt1800 Firmware
Gl-inet Gl-a1300 Firmware
Gl-inet Gl-ax1800 Firmware
Gl-inet Gl-sft1200 Firmware
Gl-inet Gl-mt1300 Firmware
Gl-inet Gl-e750 Firmware
Gl-inet Gl-mv1000 Firmware
Gl-inet Gl-mv1000w Firmware
Gl-inet Gl-s10 Firmware
Gl-inet Gl-s200 Firmware
Gl-inet Gl-s1300 Firmware
Gl-inet Gl-sf1200 Firmware
Gl-inet Gl-b1300 Firmware
Gl-inet Gl-b2200 Firmware
Gl-inet Gl-ap1300 Firmware
Gl-inet Gl-ap1300lte Firmware
Gl-inet Gl-x1200 Firmware
7.5
CVSSv3
CVE-2023-31477
A path traversal issue exists on GL.iNet devices prior to 3.216. Through the file sharing feature, it is possible to share an arbitrary directory, such as /tmp or /etc, because there is no server-side restriction to limit sharing to the USB path.
Gl-inet Gl-s20 Firmware
Gl-inet Gl-x3000 Firmware
Gl-inet Gl-mt3000 Firmware
Gl-inet Gl-mt2500 Firmware
Gl-inet Gl-mt2500a Firmware
Gl-inet Gl-axt1800 Firmware
Gl-inet Gl-a1300 Firmware
Gl-inet Gl-ax1800 Firmware
Gl-inet Gl-sft1200 Firmware
Gl-inet Gl-mt1300 Firmware
Gl-inet Gl-e750 Firmware
Gl-inet Gl-mv1000 Firmware
Gl-inet Gl-mv1000w Firmware
Gl-inet Gl-s10 Firmware
Gl-inet Gl-s200 Firmware
Gl-inet Gl-s1300 Firmware
Gl-inet Gl-sf1200 Firmware
Gl-inet Gl-b1300 Firmware
Gl-inet Gl-b2200 Firmware
Gl-inet Gl-ap1300 Firmware
Gl-inet Gl-ap1300lte Firmware
Gl-inet Gl-x1200 Firmware
9.8
CVSSv3
CVE-2023-31471
An issue exists on GL.iNet devices prior to 3.216. Through the software installation feature, it is possible to install arbitrary software, such as a reverse shell, because the restrictions on the available package list are limited to client-side verification. It is possible to i...
Gl-inet Gl-s20 Firmware
Gl-inet Gl-x3000 Firmware
Gl-inet Gl-mt3000 Firmware
Gl-inet Gl-mt2500 Firmware
Gl-inet Gl-mt2500a Firmware
Gl-inet Gl-axt1800 Firmware
Gl-inet Gl-a1300 Firmware
Gl-inet Gl-ax1800 Firmware
Gl-inet Gl-sft1200 Firmware
Gl-inet Gl-mt1300 Firmware
Gl-inet Gl-e750 Firmware
Gl-inet Gl-mv1000 Firmware
Gl-inet Gl-mv1000w Firmware
Gl-inet Gl-s10 Firmware
Gl-inet Gl-s200 Firmware
Gl-inet Gl-s1300 Firmware
Gl-inet Gl-sf1200 Firmware
Gl-inet Gl-b1300 Firmware
Gl-inet Gl-b2200 Firmware
Gl-inet Gl-ap1300 Firmware
Gl-inet Gl-ap1300lte Firmware
Gl-inet Gl-x1200 Firmware
7.5
CVSSv3
CVE-2023-31478
An issue exists on GL.iNet devices prior to 3.216. An API endpoint reveals information about the Wi-Fi configuration, including the SSID and key.
Gl-inet Gl-s20 Firmware
Gl-inet Gl-x3000 Firmware
Gl-inet Gl-mt3000 Firmware
Gl-inet Gl-mt2500 Firmware
Gl-inet Gl-mt2500a Firmware
Gl-inet Gl-axt1800 Firmware
Gl-inet Gl-a1300 Firmware
Gl-inet Gl-ax1800 Firmware
Gl-inet Gl-sft1200 Firmware
Gl-inet Gl-mt1300 Firmware
Gl-inet Gl-e750 Firmware
Gl-inet Gl-mv1000 Firmware
Gl-inet Gl-mv1000w Firmware
Gl-inet Gl-s10 Firmware
Gl-inet Gl-s200 Firmware
Gl-inet Gl-s1300 Firmware
Gl-inet Gl-sf1200 Firmware
Gl-inet Gl-b1300 Firmware
Gl-inet Gl-b2200 Firmware
Gl-inet Gl-ap1300 Firmware
Gl-inet Gl-ap1300lte Firmware
Gl-inet Gl-x1200 Firmware
7.5
CVSSv3
CVE-2023-31472
An issue exists on GL.iNet devices prior to 3.216. There is an arbitrary file write in which an empty file can be created anywhere on the filesystem. This is caused by a command injection vulnerability with a filter applied.
Gl-inet Gl-s20 Firmware
Gl-inet Gl-x3000 Firmware
Gl-inet Gl-mt3000 Firmware
Gl-inet Gl-mt2500 Firmware
Gl-inet Gl-mt2500a Firmware
Gl-inet Gl-axt1800 Firmware
Gl-inet Gl-a1300 Firmware
Gl-inet Gl-ax1800 Firmware
Gl-inet Gl-sft1200 Firmware
Gl-inet Gl-mt1300 Firmware
Gl-inet Gl-e750 Firmware
Gl-inet Gl-mv1000 Firmware
Gl-inet Gl-mv1000w Firmware
Gl-inet Gl-s10 Firmware
Gl-inet Gl-s200 Firmware
Gl-inet Gl-s1300 Firmware
Gl-inet Gl-sf1200 Firmware
Gl-inet Gl-b1300 Firmware
Gl-inet Gl-b2200 Firmware
Gl-inet Gl-ap1300 Firmware
Gl-inet Gl-ap1300lte Firmware
Gl-inet Gl-x1200 Firmware
7.5
CVSSv3
CVE-2023-31474
An issue exists on GL.iNet devices prior to 3.216. Through the software installation feature, it is possible to inject arbitrary parameters in a request to cause opkg to obtain a list of files in a specific directory, by using the regex feature in a package name.
Gl-inet Gl-s20 Firmware
Gl-inet Gl-x3000 Firmware
Gl-inet Gl-mt3000 Firmware
Gl-inet Gl-mt2500 Firmware
Gl-inet Gl-mt2500a Firmware
Gl-inet Gl-axt1800 Firmware
Gl-inet Gl-a1300 Firmware
Gl-inet Gl-ax1800 Firmware
Gl-inet Gl-sft1200 Firmware
Gl-inet Gl-mt1300 Firmware
Gl-inet Gl-e750 Firmware
Gl-inet Gl-mv1000 Firmware
Gl-inet Gl-mv1000w Firmware
Gl-inet Gl-s10 Firmware
Gl-inet Gl-s200 Firmware
Gl-inet Gl-s1300 Firmware
Gl-inet Gl-sf1200 Firmware
Gl-inet Gl-b1300 Firmware
Gl-inet Gl-b2200 Firmware
Gl-inet Gl-ap1300 Firmware
Gl-inet Gl-ap1300lte Firmware
Gl-inet Gl-x1200 Firmware
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started