Gl Ar300M Lite Firmware
Monthly
Command injection vulnerability in firmware_cgi in GL.iNet GL-AR300M-Lite devices with firmware 2.27 allows remote attackers to execute arbitrary code. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
Directory traversal vulnerability in storage_cgi in GL.iNet GL-AR300M-Lite devices with firmware 2.27 allows remote attackers to have unspecified impact via directory traversal sequences. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
download_file in GL.iNet GL-AR300M-Lite devices with firmware 2.27 allows remote attackers to download arbitrary files. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
Command injection vulnerability in login_cgi in GL.iNet GL-AR300M-Lite devices with firmware 2.27 allows remote attackers to execute arbitrary code. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
Command injection vulnerability in firmware_cgi in GL.iNet GL-AR300M-Lite devices with firmware 2.27 allows remote attackers to execute arbitrary code. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
Directory traversal vulnerability in storage_cgi in GL.iNet GL-AR300M-Lite devices with firmware 2.27 allows remote attackers to have unspecified impact via directory traversal sequences. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
download_file in GL.iNet GL-AR300M-Lite devices with firmware 2.27 allows remote attackers to download arbitrary files. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
Command injection vulnerability in login_cgi in GL.iNet GL-AR300M-Lite devices with firmware 2.27 allows remote attackers to execute arbitrary code. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.