Severity by source
CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
5DescriptionCVE.org
A security flaw has been discovered in GL.iNet GL-RM1, GL-RM10, GL-RM10RC and GL-RM1PE 1.8.1. Affected by this issue is some unknown functionality of the component Factory Reset Handler. Performing a manipulation results in improper authentication. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. Upgrading to version 1.8.2 can resolve this issue. It is advisable to upgrade the affected component. The vendor was contacted early, responded in a very professional manner and quickly released a fixed version of the affected product.
AnalysisAI
Remote authentication bypass in GL.iNet GL-RM1, GL-RM10, GL-RM10RC, and GL-RM1PE versions up to 1.8.1 allows authenticated remote attackers with high privileges to manipulate the Factory Reset Handler component, resulting in improper authentication controls. The vulnerability requires high attack complexity and is difficult to exploit but enables unauthorized access to sensitive device functionality. A vendor-released patch addressing this issue is available in version 1.8.2.
Technical ContextAI
The vulnerability stems from improper authentication handling (CWE-287) in the Factory Reset Handler component of GL.iNet's KVM remote access appliances. The affected products are network routers and remote management devices that rely on authentication mechanisms to control factory reset operations. The flaw appears in the authentication validation logic when processing factory reset requests, potentially allowing manipulation of the reset process by privileged remote users to bypass intended access controls. The issue affects GL.iNet's GL-RM series across multiple hardware variants (GL-RM1, GL-RM10, GL-RM10RC, GL-RM1PE), all tracking to version 1.8.1 as the last vulnerable firmware release.
RemediationAI
Vendor-released patch: GL.iNet GL-RM series firmware version 1.8.2 and later. Users should download and install the patched firmware from the official GL.iNet distribution server at dl.gl-inet.com/kvm/. The vendor has confirmed the fix resolves the Factory Reset Handler authentication bypass and recommends immediate upgrade for all affected devices. No interim workarounds short of firmware upgrade are documented; organizations unable to immediately patch should restrict network access to the remote management interface and audit privileged account activity for suspicious reset operations.
Same weakness CWE-287 – Improper Authentication
View allSame technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-20928
GHSA-69gc-w6vg-q56g