Link | Resource |
---|---|
https://github.com/gl-inet/CVE-issues/blob/main/4.0.0/s2s%20interface%20shell%20injection.md | Exploit Third Party Advisory |
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
AND |
|
Configuration 7 (hide)
AND |
|
Configuration 8 (hide)
AND |
|
Configuration 9 (hide)
AND |
|
Configuration 10 (hide)
AND |
|
Configuration 11 (hide)
AND |
|
Configuration 12 (hide)
AND |
|
Configuration 13 (hide)
AND |
|
Configuration 14 (hide)
AND |
|
Configuration 15 (hide)
AND |
|
Configuration 16 (hide)
AND |
|
Configuration 17 (hide)
AND |
|
Configuration 18 (hide)
AND |
|
Configuration 19 (hide)
AND |
|
Configuration 20 (hide)
AND |
|
Configuration 21 (hide)
AND |
|
Configuration 22 (hide)
AND |
|
Configuration 23 (hide)
AND |
|
Configuration 24 (hide)
AND |
|
Configuration 25 (hide)
AND |
|
Configuration 26 (hide)
AND |
|
Configuration 27 (hide)
AND |
|
Configuration 28 (hide)
AND |
|
12 Nov 2024, 17:35
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-77 |
15 Aug 2024, 16:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Summary | (en) GL-iNet products AR750/AR750S/AR300M/AR300M16/MT300N-V2/B1300/MT1300/SFT1200/X750 v4.3.11, MT3000/MT2500/AXT1800/AX1800/A1300/X300B v4.5.16, XE300 v4.3.16, E750 v4.3.12, AP1300/S1300 v4.3.13, and XE3000/X3000 v4.4 were discovered to contain a vulnerability can be exploited to manipulate routers by passing malicious shell commands through the s2s API. |
07 Aug 2024, 20:55
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 9.8 |
Summary |
|
|
First Time |
Gl-inet sft1200 Firmware
Gl-inet sft1200 Gl-inet mt2500 Gl-inet mt6000 Firmware Gl-inet mv1000 Firmware Gl-inet mt300n-v2 Firmware Gl-inet ap1300 Firmware Gl-inet mt6000 Gl-inet usb150 Firmware Gl-inet mt3000 Firmware Gl-inet ax1800 Firmware Gl-inet x750 Gl-inet ar750 Gl-inet a1300 Gl-inet b1300 Firmware Gl-inet s1300 Firmware Gl-inet ar300m Gl-inet xe300 Gl-inet xe3000 Firmware Gl-inet axt1800 Gl-inet n300 Firmware Gl-inet ax1800 Gl-inet ar300m16 Gl-inet mt300n-v2 Gl-inet a1300 Firmware Gl-inet ar300m Firmware Gl-inet x300b Firmware Gl-inet b2200 Firmware Gl-inet mv1000 Gl-inet e750 Firmware Gl-inet mt1300 Firmware Gl-inet ar750s Firmware Gl-inet x750 Firmware Gl-inet b2200 Gl-inet Gl-inet ar300m16 Firmware Gl-inet mt2500 Firmware Gl-inet mv1000w Gl-inet xe300 Firmware Gl-inet mt1300 Gl-inet n300 Gl-inet sf1200 Firmware Gl-inet b1300 Gl-inet usb150 Gl-inet s1300 Gl-inet e750 Gl-inet x3000 Firmware Gl-inet sf1200 Gl-inet mt3000 Gl-inet ar750 Firmware Gl-inet xe3000 Gl-inet axt1800 Firmware Gl-inet x3000 Gl-inet x300b Gl-inet ar750s Gl-inet ap1300 Gl-inet mv1000w Firmware |
|
References | () http://ar750ar750sar300mar300m16mt300n-v2b1300mt1300sft1200x750.com - Broken Link | |
References | () https://github.com/gl-inet/CVE-issues/blob/main/4.0.0/s2s%20interface%20shell%20injection.md - Exploit, Third Party Advisory | |
CPE | cpe:2.3:o:gl-inet:ap1300_firmware:3.217:*:*:*:*:*:*:* cpe:2.3:o:gl-inet:x300b_firmware:4.5.16:*:*:*:*:*:*:* cpe:2.3:o:gl-inet:mt300n-v2_firmware:4.3.11:*:*:*:*:*:*:* cpe:2.3:o:gl-inet:mv1000w_firmware:3.216:*:*:*:*:*:*:* cpe:2.3:h:gl-inet:axt1800:-:*:*:*:*:*:*:* cpe:2.3:h:gl-inet:ar750:-:*:*:*:*:*:*:* cpe:2.3:h:gl-inet:ar750s:-:*:*:*:*:*:*:* cpe:2.3:o:gl-inet:n300_firmware:3.216:*:*:*:*:*:*:* cpe:2.3:h:gl-inet:sf1200:-:*:*:*:*:*:*:* cpe:2.3:o:gl-inet:ar300m16_firmware:4.3.11:*:*:*:*:*:*:* cpe:2.3:h:gl-inet:mt1300:-:*:*:*:*:*:*:* cpe:2.3:o:gl-inet:mt3000_firmware:4.5.16:*:*:*:*:*:*:* cpe:2.3:h:gl-inet:mv1000:-:*:*:*:*:*:*:* cpe:2.3:h:gl-inet:xe300:-:*:*:*:*:*:*:* cpe:2.3:h:gl-inet:n300:-:*:*:*:*:*:*:* cpe:2.3:h:gl-inet:x3000:-:*:*:*:*:*:*:* cpe:2.3:h:gl-inet:mt300n-v2:-:*:*:*:*:*:*:* cpe:2.3:o:gl-inet:x3000_firmware:4.4.8:*:*:*:*:*:*:* cpe:2.3:o:gl-inet:sft1200_firmware:4.3.11:*:*:*:*:*:*:* cpe:2.3:o:gl-inet:s1300_firmware:3.216:*:*:*:*:*:*:* cpe:2.3:h:gl-inet:ap1300:-:*:*:*:*:*:*:* cpe:2.3:h:gl-inet:mv1000w:-:*:*:*:*:*:*:* cpe:2.3:o:gl-inet:ar750_firmware:4.3.11:*:*:*:*:*:*:* cpe:2.3:o:gl-inet:mt2500_firmware:4.5.16:*:*:*:*:*:*:* cpe:2.3:h:gl-inet:x300b:-:*:*:*:*:*:*:* cpe:2.3:h:gl-inet:e750:-:*:*:*:*:*:*:* cpe:2.3:o:gl-inet:xe300_firmware:4.3.16:*:*:*:*:*:*:* cpe:2.3:h:gl-inet:mt3000:-:*:*:*:*:*:*:* cpe:2.3:h:gl-inet:ar300m:-:*:*:*:*:*:*:* cpe:2.3:o:gl-inet:ar750s_firmware:4.3.11:*:*:*:*:*:*:* cpe:2.3:h:gl-inet:xe3000:-:*:*:*:*:*:*:* cpe:2.3:h:gl-inet:mt6000:-:*:*:*:*:*:*:* cpe:2.3:o:gl-inet:sf1200_firmware:3.216:*:*:*:*:*:*:* cpe:2.3:h:gl-inet:s1300:-:*:*:*:*:*:*:* cpe:2.3:o:gl-inet:b2200_firmware:3.216:*:*:*:*:*:*:* cpe:2.3:o:gl-inet:b1300_firmware:4.3.11:*:*:*:*:*:*:* cpe:2.3:h:gl-inet:usb150:-:*:*:*:*:*:*:* cpe:2.3:o:gl-inet:xe3000_firmware:4.4.8:*:*:*:*:*:*:* cpe:2.3:o:gl-inet:axt1800_firmware:4.5.16:*:*:*:*:*:*:* cpe:2.3:h:gl-inet:b1300:-:*:*:*:*:*:*:* cpe:2.3:h:gl-inet:mt2500:-:*:*:*:*:*:*:* cpe:2.3:o:gl-inet:a1300_firmware:4.5.16:*:*:*:*:*:*:* cpe:2.3:o:gl-inet:mv1000_firmware:3.216:*:*:*:*:*:*:* cpe:2.3:o:gl-inet:ar300m_firmware:4.3.11:*:*:*:*:*:*:* cpe:2.3:h:gl-inet:sft1200:-:*:*:*:*:*:*:* cpe:2.3:h:gl-inet:x750:-:*:*:*:*:*:*:* cpe:2.3:o:gl-inet:x750_firmware:4.3.11:*:*:*:*:*:*:* cpe:2.3:o:gl-inet:e750_firmware:4.3.12:*:*:*:*:*:*:* cpe:2.3:o:gl-inet:ax1800_firmware:4.5.16:*:*:*:*:*:*:* cpe:2.3:o:gl-inet:mt6000_firmware:4.5.8:*:*:*:*:*:*:* cpe:2.3:h:gl-inet:ax1800:-:*:*:*:*:*:*:* cpe:2.3:h:gl-inet:ar300m16:-:*:*:*:*:*:*:* cpe:2.3:h:gl-inet:b2200:-:*:*:*:*:*:*:* cpe:2.3:o:gl-inet:mt1300_firmware:4.3.11:*:*:*:*:*:*:* cpe:2.3:o:gl-inet:usb150_firmware:3.216:*:*:*:*:*:*:* cpe:2.3:h:gl-inet:a1300:-:*:*:*:*:*:*:* |
|
CWE | CWE-22 |
06 Aug 2024, 16:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Published : 2024-08-06 16:15
Updated : 2024-11-12 17:35
NVD link : CVE-2024-39226
Mitre link : CVE-2024-39226
CVE.ORG link : CVE-2024-39226
JSON object : View
gl-inet
- mt6000_firmware
- ar750s_firmware
- s1300
- usb150_firmware
- sf1200
- x300b_firmware
- usb150
- ap1300
- mt2500_firmware
- mv1000_firmware
- n300_firmware
- xe300
- mt300n-v2
- e750
- sft1200_firmware
- ar300m16_firmware
- mt300n-v2_firmware
- x300b
- mv1000w
- ap1300_firmware
- mt3000_firmware
- x750_firmware
- x750
- mv1000w_firmware
- xe3000_firmware
- x3000
- axt1800
- xe300_firmware
- b2200_firmware
- ar750_firmware
- b1300_firmware
- b1300
- ar300m16
- mt3000
- s1300_firmware
- mt2500
- ar300m_firmware
- a1300_firmware
- ax1800
- n300
- a1300
- sft1200
- ar750
- axt1800_firmware
- ar300m
- mt1300
- b2200
- ar750s
- mv1000
- mt1300_firmware
- ax1800_firmware
- xe3000
- sf1200_firmware
- e750_firmware
- mt6000
- x3000_firmware