CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2019-6275

Command injection vulnerability in firmware_cgi in GL.iNet GL-AR300M-Lite devices with firmware 2.27 allows remote attackers to execute arbitrary code.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.07

EPSS Ranking 91.0%

CVSS Severity

CVSS v3 Score 8.8

CVSS v2 Score 6.5

References

http://packetstormsecurity.com/files/151207/GL-AR300M-Lite-2.2.7-Command-Injection-Directory-Traversal.html
https://www.exploit-db.com/exploits/46179/
http://packetstormsecurity.com/files/151207/GL-AR300M-Lite-2.2.7-Command-Injection-Directory-Traversal.html
https://www.exploit-db.com/exploits/46179/

Products affected by CVE-2019-6275

Gl-Inet » Gl-Ar300m-Lite » Version: N/A

cpe:2.3:h:gl-inet:gl-ar300m-lite:-
Gl-Inet » Gl-Ar300m-Lite Firmware » Version: 2.27

cpe:2.3:o:gl-inet:gl-ar300m-lite_firmware:2.27

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-6275

Products

Pricing

Contact Us