CVE-2024-39229
Aug. 6, 2024, 5:15 p.m.
Tags
Product(s) Impacted
GL-iNet XE300
- 4.3.16
GL-iNet E750
- 4.3.12
GL-iNet AR750/AR750S/AR300M/AR300M16/MT300N-V2/B1300/MT1300/SFT1200/X750
- 4.3.11
- 4.5.16
- 4.3.16
- 4.3.12
- 4.3.13
GL-iNet MT3000/MT2500/AXT1800/AX1800/A1300/X300B
- 4.5.16
GL-iNet AP1300/S1300
- 4.3.13
GL-iNet XE3000/X3000
- 4
GL-iNet B2200/MV1000/MV1000W/USB150/N300/SF1200
- 3.216
Description
An issue in GL-iNet products AR750/AR750S/AR300M/AR300M16/MT300N-V2/B1300/MT1300/SFT1200/X750 v4.3.11, MT3000/MT2500/AXT1800/AX1800/A1300/X300B v4.5.16, XE300 v4.3.16, E750 v4.3.12, AP1300/S1300 v4.3.13, XE3000/X3000 v4, and B2200/MV1000/MV1000W/USB150/N300/SF1200 v3.216 allows attackers to intercept communications via a man-in-the-middle attack when DDNS clients are reporting data to the server.
Weaknesses
Date
Published: Aug. 6, 2024, 5:15 p.m.
Last Modified: Aug. 6, 2024, 5:15 p.m.
Status : Received
CVE has been recently published to the CVE List and has been received by the NVD.
More infoSource
cve@mitre.org