GL-iNet products AR750/AR750S/AR300M/AR300M16/MT300N-V2/B1300/MT1300/SFT1200/X750 v4.3.11, MT3000/MT2500/AXT1800/AX1800/A1300/X300B v4.5.16, XE300 v4.3.16, E750 v4.3.12, AP1300/S1300 v4.3.13, and XE3000/X3000 v4.4 were discovered to contain insecure permissions in the endpoint /cgi-bin/glc. This vulnerability allows unauthenticated attackers to execute arbitrary code or possibly a directory traversal via crafted JSON data.
[
{
"cpes": [
"cpe:2.3:a:gl-inet:gl-mt2500:4.5.16:*:*:*:*:*:*:*"
],
"vendor": "gl-inet",
"product": "gl-mt2500",
"versions": [
{
"status": "affected",
"version": "4.5.16"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:a:gl-inet:gl-axt1800:4.5.16:*:*:*:*:*:*:*"
],
"vendor": "gl-inet",
"product": "gl-axt1800",
"versions": [
{
"status": "affected",
"version": "4.5.16"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:a:gl-inet:gl-ax1800:4.5.16:*:*:*:*:*:*:*"
],
"vendor": "gl-inet",
"product": "gl-ax1800",
"versions": [
{
"status": "affected",
"version": "4.5.16"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:a:gl-inet:gl-a1300:4.5.16:*:*:*:*:*:*:*"
],
"vendor": "gl-inet",
"product": "gl-a1300",
"versions": [
{
"status": "affected",
"version": "4.5.16"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:a:gl-inet:gl-x300b:4.5.16:*:*:*:*:*:*:*"
],
"vendor": "gl-inet",
"product": "gl-x300b",
"versions": [
{
"status": "affected",
"version": "4.5.16"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:a:gl-inet:gl-xe300:4.3.16:*:*:*:*:*:*:*"
],
"vendor": "gl-inet",
"product": "gl-xe300",
"versions": [
{
"status": "affected",
"version": "4.3.16"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:a:gl-inet:gl-e750:4.3.12:*:*:*:*:*:*:*"
],
"vendor": "gl-inet",
"product": "gl-e750",
"versions": [
{
"status": "affected",
"version": "4.3.12"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:a:gl-inet:gl-ap1300:4.3.13:*:*:*:*:*:*:*"
],
"vendor": "gl-inet",
"product": "gl-ap1300",
"versions": [
{
"status": "affected",
"version": "4.3.13"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:a:gl-inet:gl-s1300:4.3.13:*:*:*:*:*:*:*"
],
"vendor": "gl-inet",
"product": "gl-s1300",
"versions": [
{
"status": "affected",
"version": "4.3.13"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:a:gl-inet:gl-xe3000:4.4:*:*:*:*:*:*:*"
],
"vendor": "gl-inet",
"product": "gl-xe3000",
"versions": [
{
"status": "affected",
"version": "4.4"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:a:gl-inet:gl-x3000:4.4:*:*:*:*:*:*:*"
],
"vendor": "gl-inet",
"product": "gl-x3000",
"versions": [
{
"status": "affected",
"version": "4.4"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:a:gl-inet:gl-ar750:4.3.11:*:*:*:*:*:*:*"
],
"vendor": "gl-inet",
"product": "gl-ar750",
"versions": [
{
"status": "affected",
"version": "4.3.11"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:a:gl-inet:gl-ar750s:4.3.11:*:*:*:*:*:*:*"
],
"vendor": "gl-inet",
"product": "gl-ar750s",
"versions": [
{
"status": "affected",
"version": "4.3.11"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:a:gl-inet:gl-ar300m:4.3.11:*:*:*:*:*:*:*"
],
"vendor": "gl-inet",
"product": "gl-ar300m",
"versions": [
{
"status": "affected",
"version": "4.3.11"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:a:gl-inet:gl-ar300m16:4.3.11:*:*:*:*:*:*:*"
],
"vendor": "gl-inet",
"product": "gl-ar300m16",
"versions": [
{
"status": "affected",
"version": "4.3.11"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:a:gl-inet:gl-ar300n-v2:4.3.11:*:*:*:*:*:*:*"
],
"vendor": "gl-inet",
"product": "gl-ar300n-v2",
"versions": [
{
"status": "affected",
"version": "4.3.11"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:a:gl-inet:gl-b1300:4.3.11:*:*:*:*:*:*:*"
],
"vendor": "gl-inet",
"product": "gl-b1300",
"versions": [
{
"status": "affected",
"version": "4.3.11"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:a:gl-inet:gl-mt1300:4.3.11:*:*:*:*:*:*:*"
],
"vendor": "gl-inet",
"product": "gl-mt1300",
"versions": [
{
"status": "affected",
"version": "4.3.11"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:a:gl-inet:gl-sft1200:4.3.11:*:*:*:*:*:*:*"
],
"vendor": "gl-inet",
"product": "gl-sft1200",
"versions": [
{
"status": "affected",
"version": "4.3.11"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:a:gl-inet:gl-x750:4.3.11:*:*:*:*:*:*:*"
],
"vendor": "gl-inet",
"product": "gl-x750",
"versions": [
{
"status": "affected",
"version": "4.3.11"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:a:gl-inet:gl-mt3000:4.5.16:*:*:*:*:*:*:*"
],
"vendor": "gl-inet",
"product": "gl-mt3000",
"versions": [
{
"status": "affected",
"version": "4.5.16"
}
],
"defaultStatus": "unknown"
}
]