8
CVE-2024-45260
- EPSS 3.55%
- Veröffentlicht 24.10.2024 21:15:11
- Zuletzt bearbeitet 15.10.2025 17:55:07
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
An issue was discovered on certain GL-iNet devices, including MT6000, MT3000, MT2500, AXT1800, and AX1800 4.6.2. Users who belong to unauthorized groups can invoke any interface of the device, thereby gaining complete control over it.
Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
LoginDaten sind bereitgestellt durch National Vulnerability Database (NVD)
Gl-inet ≫ Mt2500 Firmware Version >= 4.6.2 < 4.6.4
Gl-inet ≫ Axt1800 Firmware Version >= 4.6.2 < 4.6.4
Gl-inet ≫ Ax1800 Firmware Version >= 4.6.2 < 4.6.4
Gl-inet ≫ B3000 Firmware Version4.5.18
Gl-inet ≫ A1300 Firmware Version4.5.17
Gl-inet ≫ X300b Firmware Version4.5.17
Gl-inet ≫ X3000 Firmware Version4.4.9
Gl-inet ≫ Xe3000 Firmware Version4.4.9
Gl-inet ≫ X750 Firmware Version4.3.18
Gl-inet ≫ Sft1200 Firmware Version4.3.18
Gl-inet ≫ Mt1300 Firmware Version4.3.18
Gl-inet ≫ E750 Firmware Version4.3.17
Gl-inet ≫ Xe300 Firmware Version4.3.17
Gl-inet ≫ Ar750 Firmware Version4.3.17
Gl-inet ≫ Ar750s Firmware Version4.3.17
Gl-inet ≫ Ar300m Firmware Version4.3.17
Gl-inet ≫ Mt300n-v2 Firmware Version4.3.17
Gl-inet ≫ Mt3000 Firmware Version4.6.2
Gl-inet ≫ Ar300m16 Firmware Version4.3.17
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 3.55% | 0.873 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 8 | 2.1 | 5.9 |
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
CWE-863 Incorrect Authorization
The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.