VYPR

GL-AR750S-Ext

by Gl Inet

CVEs (2)

  • CVE-2023-33620Jun 13, 2023
    risk 0.00cvss epss 0.01

    GL.iNET GL-AR750S-Ext firmware v3.215 uses an insecure protocol in its communications which allows attackers to eavesdrop via a man-in-the-middle attack.

  • CVE-2023-33621Jun 13, 2023
    risk 0.00cvss epss 0.01

    GL.iNET GL-AR750S-Ext firmware v3.215 inserts the admin authentication token into a GET request when the OpenVPN Server config file is downloaded. The token is then left in the browser history or access logs, potentially allowing attackers to bypass authentication via session…