Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
inet vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-24261
A vulnerability in GL.iNET GL-E750 Mudi before firmware v3.216 allows authenticated malicious users to execute arbitrary code via a crafted POST request.
Gl-inet Gl-e750 Firmware
NA
CVE-2022-42054
Multiple stored cross-site scripting (XSS) vulnerabilities in GL.iNet GoodCloud IoT Device Management System Version 1.00.220412.00 allow malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the Company Name and Description text fields.
Gl-inet Goodcloud 1.00.220412.00
NA
CVE-2022-42055
Multiple command injection vulnerabilities in GL.iNet GoodCloud IoT Device Management System Version 1.00.220412.00 via the ping and traceroute tools allow malicious users to read arbitrary files on the system.
Gl-inet Goodcloud 1.00.220412.00
NA
CVE-2023-52161
The Access Point functionality in eapol_auth_key_handle in eapol.c in iNet wireless daemon (IWD) prior to 2.14 allows malicious users to gain unauthorized access to a protected Wi-Fi network. An attacker can complete the EAPOL handshake by skipping Msg2/4 and instead sending Msg4...
Intel Inet Wireless Daemon
383
VMScore
CVE-2021-44148
GL.iNet GL-AR150 2.x prior to 3.x devices, configured as repeaters, allow cgi-bin/router_cgi?action=scanwifi XSS when an attacker creates an SSID with an XSS payload as the name.
Gl-inet Gl-ar150 Firmware
294
VMScore
CVE-2020-8689
Improper buffer restrictions in the Intel(R) Wireless for Open Source before version 1.5 may allow an unauthenticated user to potentially enable denial of service via adjacent access.
Intel Inet Wireless Daemon
427
VMScore
CVE-2020-17497
eapol.c in iNet wireless daemon (IWD) up to and including 1.8 allows malicious users to trigger a PTK reinstallation by retransmitting EAPOL Msg4/4.
Intel Inet Wireless Daemon
NA
CVE-2023-29778
GL.iNET MT3000 4.1.0 Release 2 is vulnerable to OS Command Injection via /usr/lib/oui-httpd/rpc/logread.
Gl-inet Gl-mt3000 Firmware 4.1.0
NA
CVE-2023-46454
In GL.iNET GL-AR300M routers with firmware v4.3.7, it is possible to inject arbitrary shell commands through a crafted package name in the package information functionality.
Gl-inet Gl-ar300m Firmware 4.3.7
1 Github repository
NA
CVE-2023-46455
In GL.iNET GL-AR300M routers with firmware v4.3.7 it is possible to write arbitrary files through a path traversal attack in the OpenVPN client file upload functionality.
Gl-inet Gl-ar300m Firmware 4.3.7
1 Github repository
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »