📦 Ax1800 Firmware

This vulnerability allows unauthenticated attackers to execute arbitrary code or perform directory traversal attacks on affected GL-iNet routers via the /cgi-bin/glc endpoint. Attackers can exploit in...

This CVE describes a remote code execution vulnerability in multiple GL-iNet router models that allows attackers to bypass authentication mechanisms and execute arbitrary code. The vulnerability affec...

This CVE describes a shell injection vulnerability in GL-iNet router firmware that allows remote attackers to execute arbitrary commands with root privileges. The vulnerability exists in the OpenVPN c...

This vulnerability allows attackers to bypass authentication on affected GL-iNet routers by exploiting improperly generated session IDs (SIDs) that aren't tied to specific users. Attackers can generat...

This vulnerability allows attackers to upload arbitrary files to affected GL-iNet router devices via the upload interface. Once uploaded, these files can be executed, potentially leading to informatio...

This vulnerability allows attackers to download files including logs from affected GL-iNet devices via commands, potentially exposing sensitive user information. It affects multiple GL-iNet router mod...

The LuCI web interface on GL.Inet AX1800 routers lacks rate limiting or account lockout mechanisms on the authentication endpoint, allowing unauthenticated attackers on the local network to perform un...

A race condition vulnerability in GL.iNet AX1800 router firmware allows authenticated attackers to bypass file locking mechanisms and potentially execute arbitrary code with root privileges. The issue...

This vulnerability allows attackers to delete arbitrary files on affected GL-iNet router devices by intercepting HTTP requests and manipulating the filename parameter in the download interface. Attack...