Unrated severityNVD Advisory· Published Aug 6, 2024· Updated Aug 15, 2024

CVE-2024-39228

Description

GL-iNet products AR750/AR750S/AR300M/AR300M16/MT300N-V2/B1300/MT1300/SFT1200/X750 v4.3.11, MT3000/MT2500/AXT1800/AX1800/A1300/X300B v4.5.16, XE300 v4.3.16, E750 v4.3.12, AP1300/S1300 v4.3.13, and XE3000/X3000 v4.4 were discovered to contain a shell injection vulnerability via the interface check_ovpn_client_config and check_config.

Affected products

GL-iNet/GL-iNet productsdescription
Gl Inet/Gl Mt3000llm-fuzzy
Range: v4.5.16
Gl Inet/XE3000llm-fuzzy
Range: v4.4
Gl Inet/AR750llm-fuzzy
Range: v4.3.11

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

github.com/gl-inet/CVE-issues/blob/main/4.0.0/Ovpn%20interface%20shell%20injection.mdmitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000