Vulnerability Details CVE-2024-39228
GL-iNet products AR750/AR750S/AR300M/AR300M16/MT300N-V2/B1300/MT1300/SFT1200/X750 v4.3.11, MT3000/MT2500/AXT1800/AX1800/A1300/X300B v4.5.16, XE300 v4.3.16, E750 v4.3.12, AP1300/S1300 v4.3.13, and XE3000/X3000 v4.4 were discovered to contain a shell injection vulnerability via the interface check_ovpn_client_config and check_config.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 62.1%
CVSS Severity
CVSS v3 Score 9.8
References
Products affected by CVE-2024-39228
-
cpe:2.3:h:gl-inet:a1300:-
-
cpe:2.3:h:gl-inet:ap1300:-
-
cpe:2.3:h:gl-inet:ar300m16:-
-
cpe:2.3:h:gl-inet:ar300m:-
-
cpe:2.3:h:gl-inet:ar750:-
-
cpe:2.3:h:gl-inet:ar750s:-
-
cpe:2.3:h:gl-inet:ax1800:-
-
cpe:2.3:h:gl-inet:axt1800:-
-
cpe:2.3:h:gl-inet:b1300:-
-
cpe:2.3:h:gl-inet:b2200:-
-
cpe:2.3:h:gl-inet:e750:-
-
cpe:2.3:h:gl-inet:mt1300:-
-
cpe:2.3:h:gl-inet:mt2500:-
-
cpe:2.3:h:gl-inet:mt3000:-
-
cpe:2.3:h:gl-inet:mt300n-v2:-
-
cpe:2.3:h:gl-inet:mt6000:-
-
cpe:2.3:h:gl-inet:mv1000:-
-
cpe:2.3:h:gl-inet:mv1000w:-
-
cpe:2.3:h:gl-inet:n300:-
-
cpe:2.3:h:gl-inet:s1300:-
-
cpe:2.3:h:gl-inet:sf1200:-
-
cpe:2.3:h:gl-inet:sft1200:-
-
cpe:2.3:h:gl-inet:usb150:-
-
cpe:2.3:h:gl-inet:x3000:-
-
cpe:2.3:h:gl-inet:x300b:-
-
cpe:2.3:h:gl-inet:x750:-
-
cpe:2.3:h:gl-inet:xe3000:-
-
cpe:2.3:h:gl-inet:xe300:-
-
cpe:2.3:o:gl-inet:a1300_firmware:4.5.16
-
cpe:2.3:o:gl-inet:ap1300_firmware:3.217
-
cpe:2.3:o:gl-inet:ar300m16_firmware:4.3.11
-
cpe:2.3:o:gl-inet:ar300m_firmware:4.3.11
-
cpe:2.3:o:gl-inet:ar750_firmware:4.3.11
-
cpe:2.3:o:gl-inet:ar750s_firmware:4.3.11
-
cpe:2.3:o:gl-inet:ax1800_firmware:4.5.16
-
cpe:2.3:o:gl-inet:axt1800_firmware:4.5.16
-
cpe:2.3:o:gl-inet:b1300_firmware:4.3.11
-
cpe:2.3:o:gl-inet:b2200_firmware:3.216
-
cpe:2.3:o:gl-inet:e750_firmware:4.3.12
-
cpe:2.3:o:gl-inet:mt1300_firmware:4.3.11
-
cpe:2.3:o:gl-inet:mt2500_firmware:4.5.16
-
cpe:2.3:o:gl-inet:mt3000_firmware:4.5.16
-
cpe:2.3:o:gl-inet:mt300n-v2_firmware:4.3.11
-
cpe:2.3:o:gl-inet:mt6000_firmware:4.5.8
-
cpe:2.3:o:gl-inet:mv1000_firmware:3.216
-
cpe:2.3:o:gl-inet:mv1000w_firmware:3.216
-
cpe:2.3:o:gl-inet:n300_firmware:3.216
-
cpe:2.3:o:gl-inet:s1300_firmware:3.216
-
cpe:2.3:o:gl-inet:sf1200_firmware:3.216
-
cpe:2.3:o:gl-inet:sft1200_firmware:4.3.11
-
cpe:2.3:o:gl-inet:usb150_firmware:3.216
-
cpe:2.3:o:gl-inet:x3000_firmware:4.4.8
-
cpe:2.3:o:gl-inet:x300b_firmware:4.5.16
-
cpe:2.3:o:gl-inet:x750_firmware:4.3.11
-
cpe:2.3:o:gl-inet:xe3000_firmware:4.4.8
-
cpe:2.3:o:gl-inet:xe300_firmware:4.3.16