Vulnerability Details CVE-2024-27356
An issue was discovered on certain GL-iNet devices. Attackers can download files such as logs via commands, potentially obtaining critical user information. This affects MT6000 4.5.5, XE3000 4.4.4, X3000 4.4.5, MT3000 4.5.0, MT2500 4.5.0, AXT1800 4.5.0, AX1800 4.5.0, A1300 4.5.0, S200 4.1.4-0300, X750 4.3.7, SFT1200 4.3.7, XE300 4.3.7, MT1300 4.3.10, AR750 4.3.10, AR750S 4.3.10, AR300M 4.3.10, AR300M16 4.3.10, B1300 4.3.10, MT300N-v2 4.3.10, X300B 3.217, S1300 3.216, SF1200 3.216, MV1000 3.216, N300 3.216, B2200 3.216, and X1200 3.203.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.235
EPSS Ranking 95.8%
CVSS Severity
CVSS v3 Score 7.5
References
Products affected by CVE-2024-27356
-
cpe:2.3:h:gl-inet:a1300:-
-
cpe:2.3:h:gl-inet:ar300m16:-
-
cpe:2.3:h:gl-inet:ar300m:-
-
cpe:2.3:h:gl-inet:ar750:-
-
cpe:2.3:h:gl-inet:ar750s:-
-
cpe:2.3:h:gl-inet:ax1800:-
-
cpe:2.3:h:gl-inet:axt1800:-
-
cpe:2.3:h:gl-inet:b1300:-
-
cpe:2.3:h:gl-inet:b2200:-
-
cpe:2.3:h:gl-inet:mt1300:-
-
cpe:2.3:h:gl-inet:mt2500:-
-
cpe:2.3:h:gl-inet:mt3000:-
-
cpe:2.3:h:gl-inet:mt300n-v2:-
-
cpe:2.3:h:gl-inet:mt6000:-
-
cpe:2.3:h:gl-inet:mv1000:-
-
cpe:2.3:h:gl-inet:n300:-
-
cpe:2.3:h:gl-inet:s1300:-
-
cpe:2.3:h:gl-inet:s200:-
-
cpe:2.3:h:gl-inet:sf1200:-
-
cpe:2.3:h:gl-inet:sft1200:-
-
cpe:2.3:h:gl-inet:x1200:-
-
cpe:2.3:h:gl-inet:x3000:-
-
cpe:2.3:h:gl-inet:x300b:-
-
cpe:2.3:h:gl-inet:x750:-
-
cpe:2.3:h:gl-inet:xe3000:-
-
cpe:2.3:h:gl-inet:xe300:-
-
cpe:2.3:o:gl-inet:a1300_firmware:4.5.0
-
cpe:2.3:o:gl-inet:ar300m16_firmware:4.3.10
-
cpe:2.3:o:gl-inet:ar300m_firmware:4.3.10
-
cpe:2.3:o:gl-inet:ar750_firmware:4.3.10
-
cpe:2.3:o:gl-inet:ar750s_firmware:4.3.10
-
cpe:2.3:o:gl-inet:ax1800_firmware:4.5.0
-
cpe:2.3:o:gl-inet:axt1800_firmware:4.5.0
-
cpe:2.3:o:gl-inet:b1300_firmware:4.3.10
-
cpe:2.3:o:gl-inet:b2200_firmware:3.216
-
cpe:2.3:o:gl-inet:mt1300_firmware:4.3.10
-
cpe:2.3:o:gl-inet:mt2500_firmware:4.5.0
-
cpe:2.3:o:gl-inet:mt3000_firmware:4.5.0
-
cpe:2.3:o:gl-inet:mt300n-v2_firmware:4.3.10
-
cpe:2.3:o:gl-inet:mt6000_firmware:4.5.5
-
cpe:2.3:o:gl-inet:mv1000_firmware:3.216
-
cpe:2.3:o:gl-inet:n300_firmware:3.216
-
cpe:2.3:o:gl-inet:s1300_firmware:3.216
-
cpe:2.3:o:gl-inet:s200_firmware:4.1.4-0300
-
cpe:2.3:o:gl-inet:sf1200_firmware:3.216
-
cpe:2.3:o:gl-inet:sft1200_firmware:4.37
-
cpe:2.3:o:gl-inet:x1200_firmware:3.203
-
cpe:2.3:o:gl-inet:x3000_firmware:4.4.5
-
cpe:2.3:o:gl-inet:x300b_firmware:3.217
-
cpe:2.3:o:gl-inet:x750_firmware:4.3.7
-
cpe:2.3:o:gl-inet:xe3000_firmware:4.4.4
-
cpe:2.3:o:gl-inet:xe300_firmware:4.3.7