An issue was discovered on certain GL-iNet devices, including MT6000, MT3000, MT2500, AXT1800, and AX1800 4.6.2. The upload interface allows the uploading of arbitrary files to the device. Once the device executes the files, it can lead to information leakage, enabling complete control.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||
|---|---|---|---|---|---|---|---|---|---|
| n/a | n/a | affected |
|
Configuration 1 [-]
| AND |
|
Configuration 2 [-]
| AND |
|
Configuration 3 [-]
| AND |
|
Configuration 4 [-]
| AND |
|
Configuration 5 [-]
| AND |
|
Configuration 6 [-]
| AND |
|
Configuration 7 [-]
| AND |
|
Configuration 8 [-]
| AND |
|
Configuration 9 [-]
| AND |
|
Configuration 10 [-]
| AND |
|
Configuration 11 [-]
| AND |
|
Configuration 12 [-]
| AND |
|
Configuration 13 [-]
| AND |
|
Configuration 14 [-]
| AND |
|
Configuration 15 [-]
| AND |
|
Configuration 16 [-]
| AND |
|
Configuration 17 [-]
| AND |
|
Configuration 18 [-]
| AND |
|
Configuration 19 [-]
| AND |
|
Configuration 20 [-]
| AND |
|
Configuration 21 [-]
| AND |
|
No data.
No data.
Project Subscriptions
| Vendors | Products |
|---|---|
|
Gl-inet
Subscribe
|
A1300
Subscribe
A1300 Firmware
Subscribe
Ar300m
Subscribe
Ar300m16
Subscribe
Ar300m16 Firmware
Subscribe
Ar300m Firmware
Subscribe
Ar750
Subscribe
Ar750 Firmware
Subscribe
Ar750s
Subscribe
Ar750s Firmware
Subscribe
Ax1800
Subscribe
Ax1800 Firmware
Subscribe
Axt1800
Subscribe
Axt1800 Firmware
Subscribe
B1300
Subscribe
B1300 Firmware
Subscribe
B3000
Subscribe
B3000 Firmware
Subscribe
E750
Subscribe
E750 Firmware
Subscribe
Gl-a1300 Firmware
Subscribe
Gl-ar300m16 Firmware
Subscribe
Gl-ar300m Firmware
Subscribe
Gl-ar750 Firmware
Subscribe
Gl-ar750s Firmware
Subscribe
Gl-ax1800 Firmware
Subscribe
Gl-axt1800 Firmware
Subscribe
Gl-b1300 Firmware
Subscribe
Gl-b3000 Firmware
Subscribe
Gl-e750 Firmware
Subscribe
Gl-mt1300 Firmware
Subscribe
Gl-mt2500 Firmware
Subscribe
Gl-mt3000
Subscribe
Gl-mt3000 Firmware
Subscribe
Gl-mt300n-v2 Firmware
Subscribe
Gl-mt6000 Firmware
Subscribe
Gl-sft1200 Firmware
Subscribe
Gl-x3000 Firmware
Subscribe
Gl-x300b Firmware
Subscribe
Gl-x750 Firmware
Subscribe
Gl-xe300 Firmware
Subscribe
Mt1300
Subscribe
Mt1300 Firmware
Subscribe
Mt2500
Subscribe
Mt2500 Firmware
Subscribe
Mt3000 Firmware
Subscribe
Mt300n-v2
Subscribe
Mt300n-v2 Firmware
Subscribe
Mt6000
Subscribe
Mt6000 Firmware
Subscribe
Sft1200
Subscribe
Sft1200 Firmware
Subscribe
X3000
Subscribe
X3000 Firmware
Subscribe
X300b
Subscribe
X300b Firmware
Subscribe
X750
Subscribe
X750 Firmware
Subscribe
Xe300
Subscribe
Xe3000
Subscribe
Xe3000 Firmware
Subscribe
Xe300 Firmware
Subscribe
|
Advisories
No advisories yet.
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
History
Mon, 29 Sep 2025 15:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Gl-inet a1300
Gl-inet a1300 Firmware Gl-inet ar300m Gl-inet ar300m16 Gl-inet ar300m16 Firmware Gl-inet ar300m Firmware Gl-inet ar750 Gl-inet ar750 Firmware Gl-inet ar750s Gl-inet ar750s Firmware Gl-inet ax1800 Gl-inet ax1800 Firmware Gl-inet axt1800 Gl-inet axt1800 Firmware Gl-inet b1300 Gl-inet b1300 Firmware Gl-inet b3000 Gl-inet b3000 Firmware Gl-inet e750 Gl-inet e750 Firmware Gl-inet gl-mt3000 Gl-inet mt1300 Gl-inet mt1300 Firmware Gl-inet mt2500 Gl-inet mt2500 Firmware Gl-inet mt3000 Firmware Gl-inet mt300n-v2 Gl-inet mt300n-v2 Firmware Gl-inet mt6000 Gl-inet mt6000 Firmware Gl-inet sft1200 Gl-inet sft1200 Firmware Gl-inet x3000 Gl-inet x3000 Firmware Gl-inet x300b Gl-inet x300b Firmware Gl-inet x750 Gl-inet x750 Firmware Gl-inet xe300 Gl-inet xe3000 Gl-inet xe3000 Firmware Gl-inet xe300 Firmware |
|
| CPEs | cpe:2.3:h:gl-inet:a1300:-:*:*:*:*:*:*:* cpe:2.3:h:gl-inet:ar300m16:-:*:*:*:*:*:*:* cpe:2.3:h:gl-inet:ar300m:-:*:*:*:*:*:*:* cpe:2.3:h:gl-inet:ar750:-:*:*:*:*:*:*:* cpe:2.3:h:gl-inet:ar750s:-:*:*:*:*:*:*:* cpe:2.3:h:gl-inet:ax1800:-:*:*:*:*:*:*:* cpe:2.3:h:gl-inet:axt1800:-:*:*:*:*:*:*:* cpe:2.3:h:gl-inet:b1300:-:*:*:*:*:*:*:* cpe:2.3:h:gl-inet:b3000:-:*:*:*:*:*:*:* cpe:2.3:h:gl-inet:e750:-:*:*:*:*:*:*:* cpe:2.3:h:gl-inet:gl-mt3000:-:*:*:*:*:*:*:* cpe:2.3:h:gl-inet:mt1300:-:*:*:*:*:*:*:* cpe:2.3:h:gl-inet:mt2500:-:*:*:*:*:*:*:* cpe:2.3:h:gl-inet:mt300n-v2:-:*:*:*:*:*:*:* cpe:2.3:h:gl-inet:mt6000:-:*:*:*:*:*:*:* cpe:2.3:h:gl-inet:sft1200:-:*:*:*:*:*:*:* cpe:2.3:h:gl-inet:x3000:-:*:*:*:*:*:*:* cpe:2.3:h:gl-inet:x300b:-:*:*:*:*:*:*:* cpe:2.3:h:gl-inet:x750:-:*:*:*:*:*:*:* cpe:2.3:h:gl-inet:xe3000:-:*:*:*:*:*:*:* cpe:2.3:h:gl-inet:xe300:-:*:*:*:*:*:*:* cpe:2.3:o:gl-inet:a1300_firmware:4.5.17:*:*:*:*:*:*:* cpe:2.3:o:gl-inet:ar300m16_firmware:4.3.17:*:*:*:*:*:*:* cpe:2.3:o:gl-inet:ar300m_firmware:4.3.17:*:*:*:*:*:*:* cpe:2.3:o:gl-inet:ar750_firmware:4.3.17:*:*:*:*:*:*:* cpe:2.3:o:gl-inet:ar750s_firmware:4.3.17:*:*:*:*:*:*:* cpe:2.3:o:gl-inet:ax1800_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:gl-inet:axt1800_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:gl-inet:b1300_firmware:4.3.17:*:*:*:*:*:*:* cpe:2.3:o:gl-inet:b3000_firmware:4.5.18:*:*:*:*:*:*:* cpe:2.3:o:gl-inet:e750_firmware:4.3.17:*:*:*:*:*:*:* cpe:2.3:o:gl-inet:mt1300_firmware:4.3.18:*:*:*:*:*:*:* cpe:2.3:o:gl-inet:mt2500_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:gl-inet:mt3000_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:gl-inet:mt300n-v2_firmware:4.3.17:*:*:*:*:*:*:* cpe:2.3:o:gl-inet:mt6000_firmware:4.6.2:*:*:*:*:*:*:* cpe:2.3:o:gl-inet:sft1200_firmware:4.3.18:*:*:*:*:*:*:* cpe:2.3:o:gl-inet:x3000_firmware:4.4.9:*:*:*:*:*:*:* cpe:2.3:o:gl-inet:x300b_firmware:4.5.17:*:*:*:*:*:*:* cpe:2.3:o:gl-inet:x750_firmware:4.3.18:*:*:*:*:*:*:* cpe:2.3:o:gl-inet:xe3000_firmware:4.4.9:*:*:*:*:*:*:* cpe:2.3:o:gl-inet:xe300_firmware:4.3.17:*:*:*:*:*:*:* |
|
| Vendors & Products |
Gl-inet a1300
Gl-inet a1300 Firmware Gl-inet ar300m Gl-inet ar300m16 Gl-inet ar300m16 Firmware Gl-inet ar300m Firmware Gl-inet ar750 Gl-inet ar750 Firmware Gl-inet ar750s Gl-inet ar750s Firmware Gl-inet ax1800 Gl-inet ax1800 Firmware Gl-inet axt1800 Gl-inet axt1800 Firmware Gl-inet b1300 Gl-inet b1300 Firmware Gl-inet b3000 Gl-inet b3000 Firmware Gl-inet e750 Gl-inet e750 Firmware Gl-inet gl-mt3000 Gl-inet mt1300 Gl-inet mt1300 Firmware Gl-inet mt2500 Gl-inet mt2500 Firmware Gl-inet mt3000 Firmware Gl-inet mt300n-v2 Gl-inet mt300n-v2 Firmware Gl-inet mt6000 Gl-inet mt6000 Firmware Gl-inet sft1200 Gl-inet sft1200 Firmware Gl-inet x3000 Gl-inet x3000 Firmware Gl-inet x300b Gl-inet x300b Firmware Gl-inet x750 Gl-inet x750 Firmware Gl-inet xe300 Gl-inet xe3000 Gl-inet xe3000 Firmware Gl-inet xe300 Firmware |
Mon, 28 Oct 2024 19:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Gl-inet
Gl-inet gl-a1300 Firmware Gl-inet gl-ar300m16 Firmware Gl-inet gl-ar300m Firmware Gl-inet gl-ar750 Firmware Gl-inet gl-ar750s Firmware Gl-inet gl-ax1800 Firmware Gl-inet gl-axt1800 Firmware Gl-inet gl-b1300 Firmware Gl-inet gl-b3000 Firmware Gl-inet gl-e750 Firmware Gl-inet gl-mt1300 Firmware Gl-inet gl-mt2500 Firmware Gl-inet gl-mt3000 Firmware Gl-inet gl-mt300n-v2 Firmware Gl-inet gl-mt6000 Firmware Gl-inet gl-sft1200 Firmware Gl-inet gl-x3000 Firmware Gl-inet gl-x300b Firmware Gl-inet gl-x750 Firmware Gl-inet gl-xe300 Firmware |
|
| Weaknesses | CWE-434 | |
| CPEs | cpe:2.3:o:gl-inet:gl-a1300_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:gl-inet:gl-ar300m16_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:gl-inet:gl-ar300m_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:gl-inet:gl-ar750_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:gl-inet:gl-ar750s_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:gl-inet:gl-ax1800_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:gl-inet:gl-axt1800_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:gl-inet:gl-b1300_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:gl-inet:gl-b3000_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:gl-inet:gl-e750_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:gl-inet:gl-mt1300_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:gl-inet:gl-mt2500_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:gl-inet:gl-mt3000_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:gl-inet:gl-mt300n-v2_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:gl-inet:gl-mt6000_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:gl-inet:gl-sft1200_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:gl-inet:gl-x3000_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:gl-inet:gl-x300b_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:gl-inet:gl-x750_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:gl-inet:gl-xe300_firmware:-:*:*:*:*:*:*:* |
|
| Vendors & Products |
Gl-inet
Gl-inet gl-a1300 Firmware Gl-inet gl-ar300m16 Firmware Gl-inet gl-ar300m Firmware Gl-inet gl-ar750 Firmware Gl-inet gl-ar750s Firmware Gl-inet gl-ax1800 Firmware Gl-inet gl-axt1800 Firmware Gl-inet gl-b1300 Firmware Gl-inet gl-b3000 Firmware Gl-inet gl-e750 Firmware Gl-inet gl-mt1300 Firmware Gl-inet gl-mt2500 Firmware Gl-inet gl-mt3000 Firmware Gl-inet gl-mt300n-v2 Firmware Gl-inet gl-mt6000 Firmware Gl-inet gl-sft1200 Firmware Gl-inet gl-x3000 Firmware Gl-inet gl-x300b Firmware Gl-inet gl-x750 Firmware Gl-inet gl-xe300 Firmware |
|
| Metrics |
cvssV3_1
|
Thu, 24 Oct 2024 20:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | An issue was discovered on certain GL-iNet devices, including MT6000, MT3000, MT2500, AXT1800, and AX1800 4.6.2. The upload interface allows the uploading of arbitrary files to the device. Once the device executes the files, it can lead to information leakage, enabling complete control. | |
| References |
|
Projects
Sign in to view the affected projects.
MITRE
Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2024-10-28T18:52:30.245Z
Reserved: 2024-08-25T00:00:00
Link: CVE-2024-45263
Vulnrichment
Updated: 2024-10-28T18:45:06.617Z
NVD
Status : Analyzed
Published: 2024-10-24T21:15:12.217
Modified: 2025-09-29T15:02:17.183
Link: CVE-2024-45263
Redhat
No data.
OpenCVE Enrichment
No data.
Weaknesses