📦 Gl Ar300m Firmware

This CVE describes an NGINX authentication bypass vulnerability in GL.iNet router firmware that allows unauthenticated attackers to execute arbitrary commands. The flaw exists in Lua string pattern ma...

This vulnerability allows attackers to invoke the add_user interface in the system module on GL.iNet devices to gain root privileges. It affects multiple GL.iNet router models running firmware version...

This vulnerability allows remote attackers to execute arbitrary shell commands on GL.iNET GL-AR300M routers by injecting malicious commands into package names. Attackers can gain full control of affec...

This vulnerability allows remote attackers to execute arbitrary shell commands on GL.iNET GL-AR300M routers by exploiting improper input validation in the OpenVPN client file upload functionality. Att...

This vulnerability allows attackers to install arbitrary software on GL.iNet devices by bypassing client-side package verification. It enables remote code execution through the software installation f...

This vulnerability allows attackers who steal the AdminToken cookie to upload malicious crontab files to GL.iNet devices, leading to arbitrary code execution. It affects multiple GL.iNet router models...

This CVE describes a shell injection vulnerability in multiple GL.iNet router models that allows local attackers to execute arbitrary code via specific API functions. Attackers can exploit functions i...

This vulnerability in GL.iNet devices exposes Wi-Fi configuration details including SSID and encryption keys through an API endpoint. Attackers can retrieve Wi-Fi credentials, potentially gaining unau...

This CVE describes a command injection vulnerability in GL.iNet devices that allows attackers to create empty files anywhere on the filesystem. The vulnerability affects GL.iNet devices running firmwa...