Skip to main content

Gl Rm1 CVE-2026-5959

| EUVDEUVD-2026-20928 HIGH
Improper Authentication (CWE-287)
2026-04-09 VulDB GHSA-69gc-w6vg-q56g
7.5
CVSS 4.0 · NVD
Share

Severity by source

NVD PRIMARY
7.5 HIGH
CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
High
Privileges Required
High
User Interaction
None
Scope
X

Lifecycle Timeline

5
Re-analysis Queued
Apr 24, 2026 - 18:07 vuln.today
cvss_changed
EUVD ID Assigned
Apr 09, 2026 - 15:00 euvd
EUVD-2026-20928
Analysis Generated
Apr 09, 2026 - 15:00 vuln.today
Patch released
Apr 09, 2026 - 15:00 nvd
Patch available
CVE Published
Apr 09, 2026 - 14:30 nvd
HIGH 7.5

DescriptionCVE.org

A security flaw has been discovered in GL.iNet GL-RM1, GL-RM10, GL-RM10RC and GL-RM1PE 1.8.1. Affected by this issue is some unknown functionality of the component Factory Reset Handler. Performing a manipulation results in improper authentication. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. Upgrading to version 1.8.2 can resolve this issue. It is advisable to upgrade the affected component. The vendor was contacted early, responded in a very professional manner and quickly released a fixed version of the affected product.

AnalysisAI

Remote authentication bypass in GL.iNet GL-RM1, GL-RM10, GL-RM10RC, and GL-RM1PE versions up to 1.8.1 allows authenticated remote attackers with high privileges to manipulate the Factory Reset Handler component, resulting in improper authentication controls. The vulnerability requires high attack complexity and is difficult to exploit but enables unauthorized access to sensitive device functionality. A vendor-released patch addressing this issue is available in version 1.8.2.

Technical ContextAI

The vulnerability stems from improper authentication handling (CWE-287) in the Factory Reset Handler component of GL.iNet's KVM remote access appliances. The affected products are network routers and remote management devices that rely on authentication mechanisms to control factory reset operations. The flaw appears in the authentication validation logic when processing factory reset requests, potentially allowing manipulation of the reset process by privileged remote users to bypass intended access controls. The issue affects GL.iNet's GL-RM series across multiple hardware variants (GL-RM1, GL-RM10, GL-RM10RC, GL-RM1PE), all tracking to version 1.8.1 as the last vulnerable firmware release.

RemediationAI

Vendor-released patch: GL.iNet GL-RM series firmware version 1.8.2 and later. Users should download and install the patched firmware from the official GL.iNet distribution server at dl.gl-inet.com/kvm/. The vendor has confirmed the fix resolves the Factory Reset Handler authentication bypass and recommends immediate upgrade for all affected devices. No interim workarounds short of firmware upgrade are documented; organizations unable to immediately patch should restrict network access to the remote management interface and audit privileged account activity for suspicious reset operations.

Share

CVE-2026-5959 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy