Home/Product/gl inet gl ax1800 firmware
Product

gl inet gl ax1800 firmware

16 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2023-50920
all versions
An issue was discovered on GL.iNet devices before version 4.5.0. They assign the same session ID after each user reboot, allowing
5.5MEDIUM
 CVE-2023-50919
all versions
An issue was discovered on GL.iNet devices before version 4.5.0. There is an NGINX authentication bypass via Lua string pattern ma
9.8CRITICAL
 CVE-2023-50921
all versions
An issue was discovered on GL.iNet devices through 4.5.0. Attackers can invoke the add_user interface in the system module to gain
9.8CRITICAL
 CVE-2023-50922
all versions
An issue was discovered on GL.iNet devices through 4.5.0. Attackers who are able to steal the AdminToken cookie can execute arbitr
7.2HIGH
 CVE-2023-50445
all versions
Shell Injection vulnerability GL.iNet A1300 v4.4.6, AX1800 v4.4.6, AXT1800 v4.4.6, MT3000 v4.4.6, MT2500 v4.4.6, MT6000 v4.5.0, MT
7.8HIGH
 CVE-2023-47464
>= 4.0.0 and < 4.5.0
Insecure Permissions vulnerability in GL.iNet AX1800 version 4.0.0 before 4.5.0 allows a remote attacker to execute arbitrary code
8.8HIGH
 CVE-2023-47463
>= 4.0.0 and < 4.5.0
Insecure Permissions vulnerability in GL.iNet AX1800 version 4.0.0 before 4.5.0 allows a remote attacker to execute arbitrary code
9.8CRITICAL
 CVE-2023-47462
<= 3.125
Insecure Permissions vulnerability in GL.iNet AX1800 v.3.215 and before allows a remote attacker to execute arbitrary code via the
9.8CRITICAL
 CVE-2023-31475
< 3.216
An issue was discovered on GL.iNet devices before 3.216. The function guci2_get() found in libglutil.so has a buffer overflow when
9.8CRITICAL
 CVE-2023-31473
< 3.216
An issue was discovered on GL.iNet devices before 3.216. There is an arbitrary file write in which an empty file can be created an
4.9MEDIUM
 CVE-2023-31477
< 3.216
A path traversal issue was discovered on GL.iNet devices before 3.216. Through the file sharing feature, it is possible to share a
7.5HIGH
 CVE-2023-31471
< 3.216
An issue was discovered on GL.iNet devices before 3.216. Through the software installation feature, it is possible to install arbi
9.8CRITICAL
 CVE-2023-31478
< 3.216
An issue was discovered on GL.iNet devices before 3.216. An API endpoint reveals information about the Wi-Fi configuration, includ
7.5HIGH
 CVE-2023-31474
< 3.216
An issue was discovered on GL.iNet devices before 3.216. Through the software installation feature, it is possible to inject arbit
7.5HIGH
 CVE-2023-31472
< 3.216
An issue was discovered on GL.iNet devices before 3.216. There is an arbitrary file write in which an empty file can be created an
7.5HIGH
 CVE-2022-31898
all versions
gl-inet GL-MT300N-V2 Mango v3.212 and GL-AX1800 Flint v3.214 were discovered to contain multiple command injection vulnerabilities
6.8MEDIUM
SOC and Response
CVE triage
Stack monitoring
Am I affected
IOC triage
KEV catalog
Daily brief
Change tracking
Detection Engineering
Coverage workspace
Detection coverage
Coverage check
Telemetry ceiling
SIEM query builder
Sigma rules
SIEM rules
YARA rules
Network rules
D3FEND
Threat Hunting
Threat actors
ATT&CK techniques
Attack paths
Indicators
Atomic tests
Red Team and Pentest
Exploitability triage
Recon pack
Attack paths
CAPEC patterns
Adversary emulation
Compliance and GRC
Framework mapping
Control assessment
Audit view
Coverage report
Atlas Search Threat actors Techniques Tools & malware CWE CAPEC KEV catalog Package vulns
About All capabilities Pricing API docs Live status Privacy policy Terms of service
threatengine.sh