CVE-2025-67091

all versions

An issue in GL Inet GL.Inet AX1800 Version 4.6.4 & 4.6.8 are vulnerable. GL.Inet AX1800 Version 4.6.4 & 4.6.8 in the GL.iNet custo

6.5MEDIUM

CVE-2025-67090

all versions

The LuCI web interface on Gl Inet GL.Inet AX1800 Version 4.6.4 & 4.6.8 are vulnerable. Fix available in version 4.8.2 GL.Inet AX18

5.1MEDIUM

CVE-2025-66848

<= 4.3.1.r4308

JD Cloud NAS routers AX1800 (4.3.1.r4308 and earlier), AX3000 (4.3.1.r4318 and earlier), AX6600 (4.5.1.r4533 and earlier), BE6500

9.8CRITICAL

CVE-2024-45263

>= 4.6.2 and < 4.6.4

An issue was discovered on certain GL-iNet devices, including MT6000, MT3000, MT2500, AXT1800, and AX1800 4.6.2. The upload interf

8.8HIGH

CVE-2024-45262

>= 4.6.2 and < 4.6.4

An issue was discovered on certain GL-iNet devices, including MT6000, MT3000, MT2500, AXT1800, and AX1800 4.6.2. The params parame

8.8HIGH

CVE-2024-45261

>= 4.6.2 and < 4.6.4

An issue was discovered on certain GL-iNet devices, including MT6000, MT3000, MT2500, AXT1800, and AX1800 4.6.2. The SID generated

8.0HIGH

CVE-2024-45260

>= 4.6.2 and < 4.6.4

An issue was discovered on certain GL-iNet devices, including MT6000, MT3000, MT2500, AXT1800, and AX1800 4.6.2. Users who belong

8.0HIGH

CVE-2024-45259

>= 4.6.2 and < 4.6.4

An issue was discovered on certain GL-iNet devices, including MT6000, MT3000, MT2500, AXT1800, and AX1800 4.6.2. By intercepting a

6.5MEDIUM

CVE-2024-28077

all versions

A denial-of-service issue was discovered on certain GL-iNet devices. Some websites can detect devices exposed to the external netw

7.5HIGH

CVE-2024-39229

all versions

An issue in GL-iNet products AR750/AR750S/AR300M/AR300M16/MT300N-V2/B1300/MT1300/SFT1200/X750 v4.3.11, MT3000/MT2500/AXT1800/AX180

5.3MEDIUM

CVE-2024-39227

all versions

GL-iNet products AR750/AR750S/AR300M/AR300M16/MT300N-V2/B1300/MT1300/SFT1200/X750 v4.3.11, MT3000/MT2500/AXT1800/AX1800/A1300/X300

9.8CRITICAL

CVE-2024-39228

all versions

GL-iNet products AR750/AR750S/AR300M/AR300M16/MT300N-V2/B1300/MT1300/SFT1200/X750 v4.3.11, MT3000/MT2500/AXT1800/AX1800/A1300/X300

9.8CRITICAL

CVE-2024-39226

all versions

GL-iNet products AR750/AR750S/AR300M/AR300M16/MT300N-V2/B1300/MT1300/SFT1200/X750 v4.3.11, MT3000/MT2500/AXT1800/AX1800/A1300/X300

9.8CRITICAL

CVE-2024-39225

all versions

GL-iNet products AR750/AR750S/AR300M/AR300M16/MT300N-V2/B1300/MT1300/SFT1200/X750 v4.3.11, MT3000/MT2500/AXT1800/AX1800/A1300/X300

9.8CRITICAL

CVE-2024-27356

all versions

An issue was discovered on certain GL-iNet devices. Attackers can download files such as logs via commands, potentially obtaining

7.5HIGH

CVE-2020-14099

< 1.0.336

On Xiaomi router AX1800 rom version < 1.0.336 and RM1800 root version < 1.0.26, the encryption scheme for a user's backup files us

7.5HIGH

CVE-2020-14102

< 1.0.336

There is command injection when ddns processes the hostname, which causes the administrator user to obtain the root privilege of t

7.2HIGH

CVE-2020-14101

< 1.0.336

The data collection SDK of the router web management interface caused the leakage of the token. This affects Xiaomi router AX1800r

7.5HIGH

CVE-2020-14098

< 1.0.336

The login verification can be bypassed by using the problem that the time is not synchronized after the router restarts. This affe

7.5HIGH