Impact
The vulnerability is an improper authentication flaw in the Factory Reset Handler of the affected GL.iNet devices. When the device is reset, manipulated input allows an attacker to bypass the authentication requirement, enabling unauthorized control of the device. This weakness is classified as CWE‑287, indicating a failure to properly verify the user's identity. The flaw can be triggered remotely, potentially giving a malicious actor admin‑level access to change settings, access network traffic, or install malware. Exploitation is described as difficult and high in complexity, but the consequences are significant if an attacker succeeds.
Affected Systems
The flaw affects GL.iNet models GL‑RM1, GL‑RM10, GL‑RM10RC, and GL‑RM1PE running firmware version 1.8.1. An upgrade to firmware 1.8.2 resolves the issue. No further version details are listed, so any device in the mentioned model series running firmware 1.8.1 should be treated as vulnerable.
Risk and Exploitability
The CVSS score of 7.5 places the vulnerability in the high severity range. EPSS information is not available, and the flaw is not listed in the CISA KEV catalog. Attackers would need remote access to the device and must perform complex manipulation of the reset process to bypass authentication, making exploitation nontrivial. Nonetheless, given the remote initiation and significant impact on device control, the overall risk remains high for exposed or poorly isolated networks.