CVE-2024-45261 - Vulnerability Details

Description

An issue was discovered on certain GL-iNet devices, including MT6000, MT3000, MT2500, AXT1800, and AX1800 4.6.2. The SID generated for a specific user is not tied to that user itself, which allows other users to potentially use it for authentication. Once an attacker bypasses the application's authentication procedures, they can generate a valid SID, escalate privileges, and gain full control.

Published: 2024-10-24

Score: 8 High

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

No analysis available yet.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

n/a

affected

Version	Status	Constraints
`n/a`	affected	—

Configuration 1 [-]

AND

cpe:2.3:o:gl-inet:mt2500_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:gl-inet:mt2500:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:gl-inet:axt1800_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:gl-inet:axt1800:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:gl-inet:ax1800_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:gl-inet:ax1800:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:o:gl-inet:b3000_firmware:4.5.18:*:*:*:*:*:*:*

cpe:2.3:h:gl-inet:b3000:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:o:gl-inet:a1300_firmware:4.5.17:*:*:*:*:*:*:*

cpe:2.3:h:gl-inet:a1300:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND

cpe:2.3:o:gl-inet:x300b_firmware:4.5.17:*:*:*:*:*:*:*

cpe:2.3:h:gl-inet:x300b:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND

cpe:2.3:o:gl-inet:x3000_firmware:4.4.9:*:*:*:*:*:*:*

cpe:2.3:h:gl-inet:x3000:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND

cpe:2.3:o:gl-inet:xe3000_firmware:4.4.9:*:*:*:*:*:*:*

cpe:2.3:h:gl-inet:xe3000:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND

cpe:2.3:o:gl-inet:x750_firmware:4.3.18:*:*:*:*:*:*:*

cpe:2.3:h:gl-inet:x750:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND

cpe:2.3:o:gl-inet:sft1200_firmware:4.3.18:*:*:*:*:*:*:*

cpe:2.3:h:gl-inet:sft1200:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND

cpe:2.3:o:gl-inet:mt1300_firmware:4.3.18:*:*:*:*:*:*:*

cpe:2.3:h:gl-inet:mt1300:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND

cpe:2.3:o:gl-inet:e750_firmware:4.3.17:*:*:*:*:*:*:*

cpe:2.3:h:gl-inet:e750:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND

cpe:2.3:o:gl-inet:xe300_firmware:4.3.17:*:*:*:*:*:*:*

cpe:2.3:h:gl-inet:xe300:-:*:*:*:*:*:*:*

Configuration 14 [-]

AND

cpe:2.3:o:gl-inet:ar750_firmware:4.3.17:*:*:*:*:*:*:*

cpe:2.3:h:gl-inet:ar750:-:*:*:*:*:*:*:*

Configuration 15 [-]

AND

cpe:2.3:o:gl-inet:ar750s_firmware:4.3.17:*:*:*:*:*:*:*

cpe:2.3:h:gl-inet:ar750s:-:*:*:*:*:*:*:*

Configuration 16 [-]

AND

cpe:2.3:o:gl-inet:ar300m_firmware:4.3.17:*:*:*:*:*:*:*

cpe:2.3:h:gl-inet:ar300m:-:*:*:*:*:*:*:*

Configuration 17 [-]

AND

cpe:2.3:o:gl-inet:mt300n-v2_firmware:4.3.17:*:*:*:*:*:*:*

cpe:2.3:h:gl-inet:mt300n-v2:-:*:*:*:*:*:*:*

Configuration 18 [-]

AND

cpe:2.3:o:gl-inet:mt3000_firmware:4.6.2:*:*:*:*:*:*:*

cpe:2.3:h:gl-inet:gl-mt3000:-:*:*:*:*:*:*:*

Configuration 19 [-]

AND

cpe:2.3:o:gl-inet:ar300m16_firmware:4.3.17:*:*:*:*:*:*:*

cpe:2.3:h:gl-inet:ar300m16:-:*:*:*:*:*:*:*

Configuration 20 [-]

AND

cpe:2.3:o:gl-inet:mt6000_firmware:4.6.2:*:*:*:*:*:*:*

cpe:2.3:h:gl-inet:mt6000:-:*:*:*:*:*:*:*

Configuration 21 [-]

AND

cpe:2.3:o:gl-inet:b1300_firmware:4.3.17:*:*:*:*:*:*:*

cpe:2.3:h:gl-inet:b1300:-:*:*:*:*:*:*:*

No data.

No data available yet.

Remediation

No remediation available yet.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

No CVSS v4.0

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00025.

Exploitation none

Automatable no

Technical Impact total

References

Link	Providers
https://github.com/gl-inet/CVE-issues/blob/main/4.0.0/Bypassing%20Login%20Mechanism%20with%20Passwordless%20User%20Login.md

History

Wed, 15 Oct 2025 18:00:00 +0000

Type	Values Removed	Values Added
First Time appeared		Gl-inet a1300 Gl-inet a1300 Firmware Gl-inet ar300m Gl-inet ar300m16 Gl-inet ar300m16 Firmware Gl-inet ar300m Firmware Gl-inet ar750 Gl-inet ar750 Firmware Gl-inet ar750s Gl-inet ar750s Firmware Gl-inet ax1800 Gl-inet ax1800 Firmware Gl-inet axt1800 Gl-inet axt1800 Firmware Gl-inet b1300 Gl-inet b1300 Firmware Gl-inet b3000 Gl-inet b3000 Firmware Gl-inet e750 Gl-inet e750 Firmware Gl-inet gl-mt3000 Gl-inet mt1300 Gl-inet mt1300 Firmware Gl-inet mt2500 Gl-inet mt2500 Firmware Gl-inet mt3000 Firmware Gl-inet mt300n-v2 Gl-inet mt300n-v2 Firmware Gl-inet mt6000 Gl-inet mt6000 Firmware Gl-inet sft1200 Gl-inet sft1200 Firmware Gl-inet x3000 Gl-inet x3000 Firmware Gl-inet x300b Gl-inet x300b Firmware Gl-inet x750 Gl-inet x750 Firmware Gl-inet xe300 Gl-inet xe3000 Gl-inet xe3000 Firmware Gl-inet xe300 Firmware
CPEs		cpe:2.3:h:gl-inet:a1300:-:::::::* cpe:2.3:h:gl-inet:ar300m16:-:::::::* cpe:2.3:h:gl-inet:ar300m:-:::::::* cpe:2.3:h:gl-inet:ar750:-:::::::* cpe:2.3:h:gl-inet:ar750s:-:::::::* cpe:2.3:h:gl-inet:ax1800:-:::::::* cpe:2.3:h:gl-inet:axt1800:-:::::::* cpe:2.3:h:gl-inet:b1300:-:::::::* cpe:2.3:h:gl-inet:b3000:-:::::::* cpe:2.3:h:gl-inet:e750:-:::::::* cpe:2.3:h:gl-inet:gl-mt3000:-:::::::* cpe:2.3:h:gl-inet:mt1300:-:::::::* cpe:2.3:h:gl-inet:mt2500:-:::::::* cpe:2.3:h:gl-inet:mt300n-v2:-:::::::* cpe:2.3:h:gl-inet:mt6000:-:::::::* cpe:2.3:h:gl-inet:sft1200:-:::::::* cpe:2.3:h:gl-inet:x3000:-:::::::* cpe:2.3:h:gl-inet:x300b:-:::::::* cpe:2.3:h:gl-inet:x750:-:::::::* cpe:2.3:h:gl-inet:xe3000:-:::::::* cpe:2.3:h:gl-inet:xe300:-:::::::* cpe:2.3:o:gl-inet:a1300_firmware:4.5.17:::::::* cpe:2.3:o:gl-inet:ar300m16_firmware:4.3.17:::::::* cpe:2.3:o:gl-inet:ar300m_firmware:4.3.17:::::::* cpe:2.3:o:gl-inet:ar750_firmware:4.3.17:::::::* cpe:2.3:o:gl-inet:ar750s_firmware:4.3.17:::::::* cpe:2.3:o:gl-inet:ax1800_firmware:::::::: cpe:2.3:o:gl-inet:axt1800_firmware:::::::: cpe:2.3:o:gl-inet:b1300_firmware:4.3.17:::::::* cpe:2.3:o:gl-inet:b3000_firmware:4.5.18:::::::* cpe:2.3:o:gl-inet:e750_firmware:4.3.17:::::::* cpe:2.3:o:gl-inet:mt1300_firmware:4.3.18:::::::* cpe:2.3:o:gl-inet:mt2500_firmware:::::::: cpe:2.3:o:gl-inet:mt3000_firmware:4.6.2:::::::* cpe:2.3:o:gl-inet:mt300n-v2_firmware:4.3.17:::::::* cpe:2.3:o:gl-inet:mt6000_firmware:4.6.2:::::::* cpe:2.3:o:gl-inet:sft1200_firmware:4.3.18:::::::* cpe:2.3:o:gl-inet:x3000_firmware:4.4.9:::::::* cpe:2.3:o:gl-inet:x300b_firmware:4.5.17:::::::* cpe:2.3:o:gl-inet:x750_firmware:4.3.18:::::::* cpe:2.3:o:gl-inet:xe3000_firmware:4.4.9:::::::* cpe:2.3:o:gl-inet:xe300_firmware:4.3.17:::::::*
Vendors & Products		Gl-inet a1300 Gl-inet a1300 Firmware Gl-inet ar300m Gl-inet ar300m16 Gl-inet ar300m16 Firmware Gl-inet ar300m Firmware Gl-inet ar750 Gl-inet ar750 Firmware Gl-inet ar750s Gl-inet ar750s Firmware Gl-inet ax1800 Gl-inet ax1800 Firmware Gl-inet axt1800 Gl-inet axt1800 Firmware Gl-inet b1300 Gl-inet b1300 Firmware Gl-inet b3000 Gl-inet b3000 Firmware Gl-inet e750 Gl-inet e750 Firmware Gl-inet gl-mt3000 Gl-inet mt1300 Gl-inet mt1300 Firmware Gl-inet mt2500 Gl-inet mt2500 Firmware Gl-inet mt3000 Firmware Gl-inet mt300n-v2 Gl-inet mt300n-v2 Firmware Gl-inet mt6000 Gl-inet mt6000 Firmware Gl-inet sft1200 Gl-inet sft1200 Firmware Gl-inet x3000 Gl-inet x3000 Firmware Gl-inet x300b Gl-inet x300b Firmware Gl-inet x750 Gl-inet x750 Firmware Gl-inet xe300 Gl-inet xe3000 Gl-inet xe3000 Firmware Gl-inet xe300 Firmware

Mon, 28 Oct 2024 20:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Gl-inet Gl-inet gl-a1300 Firmware Gl-inet gl-ar300m16 Firmware Gl-inet gl-ar300m Firmware Gl-inet gl-ar750 Firmware Gl-inet gl-ar750s Firmware Gl-inet gl-ax1800 Firmware Gl-inet gl-axt1800 Firmware Gl-inet gl-b1300 Firmware Gl-inet gl-b3000 Firmware Gl-inet gl-e750 Firmware Gl-inet gl-mt1300 Firmware Gl-inet gl-mt2500 Firmware Gl-inet gl-mt3000 Firmware Gl-inet gl-mt300n-v2 Firmware Gl-inet gl-mt6000 Firmware Gl-inet gl-sft1200 Firmware Gl-inet gl-x3000 Firmware Gl-inet gl-x300b Firmware Gl-inet gl-x750 Firmware Gl-inet gl-xe300 Firmware
Weaknesses		CWE-863
CPEs		cpe:2.3:o:gl-inet:gl-a1300_firmware:-:::::::* cpe:2.3:o:gl-inet:gl-ar300m16_firmware:::::::: cpe:2.3:o:gl-inet:gl-ar300m_firmware:-:::::::* cpe:2.3:o:gl-inet:gl-ar750_firmware:-:::::::* cpe:2.3:o:gl-inet:gl-ar750s_firmware:-:::::::* cpe:2.3:o:gl-inet:gl-ax1800_firmware:::::::: cpe:2.3:o:gl-inet:gl-axt1800_firmware:-:::::::* cpe:2.3:o:gl-inet:gl-b1300_firmware:-:::::::* cpe:2.3:o:gl-inet:gl-b3000_firmware:::::::: cpe:2.3:o:gl-inet:gl-e750_firmware:-:::::::* cpe:2.3:o:gl-inet:gl-mt1300_firmware:-:::::::* cpe:2.3:o:gl-inet:gl-mt2500_firmware:-:::::::* cpe:2.3:o:gl-inet:gl-mt3000_firmware:-:::::::* cpe:2.3:o:gl-inet:gl-mt300n-v2_firmware:-:::::::* cpe:2.3:o:gl-inet:gl-mt6000_firmware:::::::: cpe:2.3:o:gl-inet:gl-sft1200_firmware:-:::::::* cpe:2.3:o:gl-inet:gl-x3000_firmware:-:::::::* cpe:2.3:o:gl-inet:gl-x300b_firmware:-:::::::* cpe:2.3:o:gl-inet:gl-x750_firmware:-:::::::* cpe:2.3:o:gl-inet:gl-xe300_firmware:-:::::::*
Vendors & Products		Gl-inet Gl-inet gl-a1300 Firmware Gl-inet gl-ar300m16 Firmware Gl-inet gl-ar300m Firmware Gl-inet gl-ar750 Firmware Gl-inet gl-ar750s Firmware Gl-inet gl-ax1800 Firmware Gl-inet gl-axt1800 Firmware Gl-inet gl-b1300 Firmware Gl-inet gl-b3000 Firmware Gl-inet gl-e750 Firmware Gl-inet gl-mt1300 Firmware Gl-inet gl-mt2500 Firmware Gl-inet gl-mt3000 Firmware Gl-inet gl-mt300n-v2 Firmware Gl-inet gl-mt6000 Firmware Gl-inet gl-sft1200 Firmware Gl-inet gl-x3000 Firmware Gl-inet gl-x300b Firmware Gl-inet gl-x750 Firmware Gl-inet gl-xe300 Firmware
Metrics		cvssV3_1 `{'score': 8, 'vector': 'CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}` ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Thu, 24 Oct 2024 20:30:00 +0000

Type	Values Removed	Values Added
Description		An issue was discovered on certain GL-iNet devices, including MT6000, MT3000, MT2500, AXT1800, and AX1800 4.6.2. The SID generated for a specific user is not tied to that user itself, which allows other users to potentially use it for authentication. Once an attacker bypasses the application's authentication procedures, they can generate a valid SID, escalate privileges, and gain full control.
References		https://github.com/gl-inet/CVE-issues/blob/main/4.0.0/Bypassing%20Login%20Mechanism%20with%20Passwordless%20User%20Login.md

Subscriptions

Gl-inet A1300 A1300 Firmware Ar300m Ar300m16 Ar300m16 Firmware Ar300m Firmware Ar750 Ar750 Firmware Ar750s Ar750s Firmware Ax1800 Ax1800 Firmware Axt1800 Axt1800 Firmware B1300 B1300 Firmware B3000 B3000 Firmware E750 E750 Firmware Gl-a1300 Firmware Gl-ar300m16 Firmware Gl-ar300m Firmware Gl-ar750 Firmware Gl-ar750s Firmware Gl-ax1800 Firmware Gl-axt1800 Firmware Gl-b1300 Firmware Gl-b3000 Firmware Gl-e750 Firmware Gl-mt1300 Firmware Gl-mt2500 Firmware Gl-mt3000 Gl-mt3000 Firmware Gl-mt300n-v2 Firmware Gl-mt6000 Firmware Gl-sft1200 Firmware Gl-x3000 Firmware Gl-x300b Firmware Gl-x750 Firmware Gl-xe300 Firmware Mt1300 Mt1300 Firmware Mt2500 Mt2500 Firmware Mt3000 Firmware Mt300n-v2 Mt300n-v2 Firmware Mt6000 Mt6000 Firmware Sft1200 Sft1200 Firmware X3000 X3000 Firmware X300b X300b Firmware X750 X750 Firmware Xe300 Xe3000 Xe3000 Firmware Xe300 Firmware

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2024-10-24T00:00:00.000Z

Updated: 2024-10-28T19:19:59.290Z

Reserved: 2024-08-25T00:00:00.000Z

Link: CVE-2024-45261

Vulnrichment

Updated: 2024-10-28T19:01:43.032Z

NVD

Status : Analyzed

Published: 2024-10-24T21:15:12.057

Modified: 2025-10-15T17:54:46.297

Link: CVE-2024-45261

Redhat

No data.

OpenCVE Enrichment

No data.

Weaknesses

CWE-863

Tracking

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Exploitation none

Automatable no

Technical Impact total

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object