Today > 2 Critical | 2 High | 6 Medium vulnerabilities   -   You can now download lists of IOCs here!

CVE-2024-39227

Aug. 6, 2024, 5:15 p.m.

Product(s) Impacted

GL-iNet AR750

  • 4.3.11

GL-iNet AR750S

  • 4.3.11

GL-iNet AR300M

  • 4.3.11

GL-iNet AR300M16

  • 4.3.11

GL-iNet MT300N-V2

  • 4.3.11

GL-iNet B1300

  • 4.3.11

GL-iNet MT1300

  • 4.3.11

GL-iNet SFT1200

  • 4.3.11

GL-iNet X750

  • 4.3.11

GL-iNet MT3000

  • 4.5.16

GL-iNet MT2500

  • 4.5.16

GL-iNet AXT1800

  • 4.5.16

GL-iNet AX1800

  • 4.5.16

GL-iNet A1300

  • 4.5.16

GL-iNet X300B

  • 4.5.16

GL-iNet XE300

  • 4.3.16

GL-iNet E750

  • 4.3.12

GL-iNet AP1300

  • 4.3.13

GL-iNet S1300

  • 4.3.13

GL-iNet XE3000

  • 4.4

GL-iNet X3000

  • 4.4

Description

GL-iNet products AR750/AR750S/AR300M/AR300M16/MT300N-V2/B1300/MT1300/SFT1200/X750 v4.3.11, MT3000/MT2500/AXT1800/AX1800/A1300/X300B v4.5.16, XE300 v4.3.16, E750 v4.3.12, AP1300/S1300 v4.3.13, and XE3000/X3000 v4.4 were discovered to contain a shell injection vulnerability via the interface check_ovpn_client_config.

Weaknesses

Date

Published: Aug. 6, 2024, 5:15 p.m.

Last Modified: Aug. 6, 2024, 5:15 p.m.

Status : Received

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

cve@mitre.org

References