Today > 2 Critical | 2 High | 8 Medium vulnerabilities   -   You can now download lists of IOCs here!

CVE-2024-39229

Aug. 6, 2024, 5:15 p.m.

Product(s) Impacted

GL-iNet XE300

  • 4.3.16

GL-iNet E750

  • 4.3.12

GL-iNet AR750/AR750S/AR300M/AR300M16/MT300N-V2/B1300/MT1300/SFT1200/X750

  • 4.3.11
  • 4.5.16
  • 4.3.16
  • 4.3.12
  • 4.3.13

GL-iNet MT3000/MT2500/AXT1800/AX1800/A1300/X300B

  • 4.5.16

GL-iNet AP1300/S1300

  • 4.3.13

GL-iNet XE3000/X3000

  • 4

GL-iNet B2200/MV1000/MV1000W/USB150/N300/SF1200

  • 3.216

Description

An issue in GL-iNet products AR750/AR750S/AR300M/AR300M16/MT300N-V2/B1300/MT1300/SFT1200/X750 v4.3.11, MT3000/MT2500/AXT1800/AX1800/A1300/X300B v4.5.16, XE300 v4.3.16, E750 v4.3.12, AP1300/S1300 v4.3.13, XE3000/X3000 v4, and B2200/MV1000/MV1000W/USB150/N300/SF1200 v3.216 allows attackers to intercept communications via a man-in-the-middle attack when DDNS clients are reporting data to the server.

Weaknesses

Date

Published: Aug. 6, 2024, 5:15 p.m.

Last Modified: Aug. 6, 2024, 5:15 p.m.

Status : Received

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

cve@mitre.org

References