Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
inet vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-47463
Insecure Permissions vulnerability in GL.iNet AX1800 version 4.0.0 prior to 4.5.0 allows a remote malicious user to execute arbitrary code via a crafted script to the gl_nas_sys authentication function.
Gl-inet Gl-ax1800 Firmware
NA
CVE-2023-47464
Insecure Permissions vulnerability in GL.iNet AX1800 version 4.0.0 prior to 4.5.0 allows a remote malicious user to execute arbitrary code via the upload API function.
Gl-inet Gl-ax1800 Firmware
1 Github repository
NA
CVE-2022-42054
Multiple stored cross-site scripting (XSS) vulnerabilities in GL.iNet GoodCloud IoT Device Management System Version 1.00.220412.00 allow malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the Company Name and Description text fields.
Gl-inet Goodcloud 1.00.220412.00
NA
CVE-2022-42055
Multiple command injection vulnerabilities in GL.iNet GoodCloud IoT Device Management System Version 1.00.220412.00 via the ping and traceroute tools allow malicious users to read arbitrary files on the system.
Gl-inet Goodcloud 1.00.220412.00
4.3
CVSSv2
CVE-2021-44148
GL.iNet GL-AR150 2.x prior to 3.x devices, configured as repeaters, allow cgi-bin/router_cgi?action=scanwifi XSS when an attacker creates an SSID with an XSS payload as the name.
Gl-inet Gl-ar150 Firmware
3.3
CVSSv2
CVE-2020-8689
Improper buffer restrictions in the Intel(R) Wireless for Open Source before version 1.5 may allow an unauthenticated user to potentially enable denial of service via adjacent access.
Intel Inet Wireless Daemon
NA
CVE-2023-24261
A vulnerability in GL.iNET GL-E750 Mudi before firmware v3.216 allows authenticated malicious users to execute arbitrary code via a crafted POST request.
Gl-inet Gl-e750 Firmware
NA
CVE-2023-33620
GL.iNET GL-AR750S-Ext firmware v3.215 uses an insecure protocol in its communications which allows malicious users to eavesdrop via a man-in-the-middle attack.
Gl-inet Gl-ar750s Firmware 3.215
NA
CVE-2023-33621
GL.iNET GL-AR750S-Ext firmware v3.215 inserts the admin authentication token into a GET request when the OpenVPN Server config file is downloaded. The token is then left in the browser history or access logs, potentially allowing malicious users to bypass authentication via sessi...
Gl-inet Gl-ar750s Firmware 3.215
NA
CVE-2023-29778
GL.iNET MT3000 4.1.0 Release 2 is vulnerable to OS Command Injection via /usr/lib/oui-httpd/rpc/logread.
Gl-inet Gl-mt3000 Firmware 4.1.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »