Skip to main content

N300 Firmware

11 CVEs product

Monthly

CVE-2024-39229 MEDIUM POC This Month

An issue in GL-iNet products AR750/AR750S/AR300M/AR300M16/MT300N-V2/B1300/MT1300/SFT1200/X750 v4.3.11, MT3000/MT2500/AXT1800/AX1800/A1300/X300B v4.5.16, XE300 v4.3.16, E750 v4.3.12, AP1300/S1300. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Information Disclosure Mt6000 Firmware A1300 Firmware X300B Firmware Ax1800 Firmware +24
NVD GitHub
CVSS 3.1
5.3
EPSS
0.2%
CVE-2024-39227 CRITICAL POC Act Now

GL-iNet products AR750/AR750S/AR300M/AR300M16/MT300N-V2/B1300/MT1300/SFT1200/X750 v4.3.11, MT3000/MT2500/AXT1800/AX1800/A1300/X300B v4.5.16, XE300 v4.3.16, E750 v4.3.12, AP1300/S1300 v4.3.13, and. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Path Traversal Mt6000 Firmware A1300 Firmware X300B Firmware +25
NVD GitHub
CVSS 3.1
9.8
EPSS
1.2%
CVE-2024-39228 CRITICAL POC Act Now

GL-iNet products AR750/AR750S/AR300M/AR300M16/MT300N-V2/B1300/MT1300/SFT1200/X750 v4.3.11, MT3000/MT2500/AXT1800/AX1800/A1300/X300B v4.5.16, XE300 v4.3.16, E750 v4.3.12, AP1300/S1300 v4.3.13, and. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Mt6000 Firmware A1300 Firmware X300B Firmware Ax1800 Firmware +24
NVD GitHub
CVSS 3.1
9.8
EPSS
0.7%
CVE-2024-39226 CRITICAL POC THREAT Act Now

GL-iNet products AR750/AR750S/AR300M/AR300M16/MT300N-V2/B1300/MT1300/SFT1200/X750 v4.3.11, MT3000/MT2500/AXT1800/AX1800/A1300/X300B v4.5.16, XE300 v4.3.16, E750 v4.3.12, AP1300/S1300 v4.3.13, and. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Mt6000 Firmware A1300 Firmware X300B Firmware Ax1800 Firmware +24
NVD GitHub
CVSS 3.1
9.8
EPSS
20.6%
CVE-2024-39225 CRITICAL POC THREAT Act Now

GL-iNet products AR750/AR750S/AR300M/AR300M16/MT300N-V2/B1300/MT1300/SFT1200/X750 v4.3.11, MT3000/MT2500/AXT1800/AX1800/A1300/X300B v4.5.16, XE300 v4.3.16, E750 v4.3.12, AP1300/S1300 v4.3.13, and. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Mt6000 Firmware A1300 Firmware X300B Firmware Ax1800 Firmware +24
NVD GitHub
CVSS 3.1
9.8
EPSS
14.5%
CVE-2024-25343 CRITICAL Act Now

Tenda N300 F3 router vulnerability allows users to bypass intended security policy and create weak passwords. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Tenda N300 Firmware
NVD GitHub VulDB
CVSS 3.1
9.1
EPSS
0.5%
CVE-2024-27356 HIGH POC THREAT This Week

An issue was discovered on certain GL-iNet devices. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Mt6000 Firmware Xe3000 Firmware X3000 Firmware Mt3000 Firmware +22
NVD GitHub Exploit-DB
CVSS 3.1
7.5
EPSS
23.9%
CVE-2023-4498 MEDIUM This Month

Tenda N300 Wireless N VDSL2 Modem Router allows unauthenticated access to pages that in turn should be accessible to authenticated users only. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Tenda N300 Firmware
NVD
CVSS 3.1
5.3
EPSS
0.4%
CVE-2022-30105 CRITICAL POC Act Now

In Belkin N300 Firmware 1.00.08, the script located at /setting_hidden.asp, which is accessible before and after configuring the device, exhibits multiple remote command injection vulnerabilities. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection N300 Firmware
NVD
CVSS 3.1
9.8
EPSS
2.8%
CVE-2013-3092 HIGH POC This Week

The Belkin N300 (F7D7301v1) router allows remote attackers to bypass authentication and gain privileges via vectors related to incorrect validation of the HTTP Authorization header. Rated high severity (CVSS 8.3), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass N300 Firmware N300
NVD
CVSS 2.0
8.3
EPSS
0.7%
CVE-2013-3089 MEDIUM POC This Month

Cross-site request forgery (CSRF) vulnerability in apply.cgi in Belkin N300 (F7D7301v1) router allows remote attackers to hijack the authentication of administrators for requests that modify. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

CSRF N300 Firmware N300
NVD
CVSS 2.0
6.8
EPSS
0.1%
EPSS 0% CVSS 5.3
MEDIUM POC This Month

An issue in GL-iNet products AR750/AR750S/AR300M/AR300M16/MT300N-V2/B1300/MT1300/SFT1200/X750 v4.3.11, MT3000/MT2500/AXT1800/AX1800/A1300/X300B v4.5.16, XE300 v4.3.16, E750 v4.3.12, AP1300/S1300. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Information Disclosure Mt6000 Firmware A1300 Firmware +26
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

GL-iNet products AR750/AR750S/AR300M/AR300M16/MT300N-V2/B1300/MT1300/SFT1200/X750 v4.3.11, MT3000/MT2500/AXT1800/AX1800/A1300/X300B v4.5.16, XE300 v4.3.16, E750 v4.3.12, AP1300/S1300 v4.3.13, and. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Path Traversal Mt6000 Firmware +27
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

GL-iNet products AR750/AR750S/AR300M/AR300M16/MT300N-V2/B1300/MT1300/SFT1200/X750 v4.3.11, MT3000/MT2500/AXT1800/AX1800/A1300/X300B v4.5.16, XE300 v4.3.16, E750 v4.3.12, AP1300/S1300 v4.3.13, and. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Mt6000 Firmware A1300 Firmware +26
NVD GitHub
EPSS 21% CVSS 9.8
CRITICAL POC THREAT Act Now

GL-iNet products AR750/AR750S/AR300M/AR300M16/MT300N-V2/B1300/MT1300/SFT1200/X750 v4.3.11, MT3000/MT2500/AXT1800/AX1800/A1300/X300B v4.5.16, XE300 v4.3.16, E750 v4.3.12, AP1300/S1300 v4.3.13, and. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Mt6000 Firmware A1300 Firmware +26
NVD GitHub
EPSS 15% CVSS 9.8
CRITICAL POC THREAT Act Now

GL-iNet products AR750/AR750S/AR300M/AR300M16/MT300N-V2/B1300/MT1300/SFT1200/X750 v4.3.11, MT3000/MT2500/AXT1800/AX1800/A1300/X300B v4.5.16, XE300 v4.3.16, E750 v4.3.12, AP1300/S1300 v4.3.13, and. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Mt6000 Firmware A1300 Firmware +26
NVD GitHub
EPSS 1% CVSS 9.1
CRITICAL Act Now

Tenda N300 F3 router vulnerability allows users to bypass intended security policy and create weak passwords. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Tenda N300 Firmware
NVD GitHub VulDB
EPSS 24% CVSS 7.5
HIGH POC THREAT This Week

An issue was discovered on certain GL-iNet devices. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Mt6000 Firmware Xe3000 Firmware +24
NVD GitHub Exploit-DB
EPSS 0% CVSS 5.3
MEDIUM This Month

Tenda N300 Wireless N VDSL2 Modem Router allows unauthenticated access to pages that in turn should be accessible to authenticated users only. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Tenda N300 Firmware
NVD
EPSS 3% CVSS 9.8
CRITICAL POC Act Now

In Belkin N300 Firmware 1.00.08, the script located at /setting_hidden.asp, which is accessible before and after configuring the device, exhibits multiple remote command injection vulnerabilities. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection N300 Firmware
NVD
EPSS 1% CVSS 8.3
HIGH POC This Week

The Belkin N300 (F7D7301v1) router allows remote attackers to bypass authentication and gain privileges via vectors related to incorrect validation of the HTTP Authorization header. Rated high severity (CVSS 8.3), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass N300 Firmware N300
NVD
EPSS 0% CVSS 6.8
MEDIUM POC This Month

Cross-site request forgery (CSRF) vulnerability in apply.cgi in Belkin N300 (F7D7301v1) router allows remote attackers to hijack the authentication of administrators for requests that modify. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

CSRF N300 Firmware N300
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy