VYPR

GL-RM1

by Gl Inet

CVEs (2)

  • CVE-2026-5959MedApr 9, 2026
    risk 0.43cvss 6.6epss 0.01

    A security flaw has been discovered in GL.iNet GL-RM1, GL-RM10, GL-RM10RC and GL-RM1PE 1.8.1. Affected by this issue is some unknown functionality of the component Factory Reset Handler. Performing a manipulation results in improper authentication. The attack can be initiated…

  • CVE-2026-32290MedMar 17, 2026
    risk 0.31cvss 4.7epss 0.00

    The GL-iNet Comet (GL-RM1) KVM before version 1.8.2 does not sufficiently verify the authenticity of uploaded firmware files. An attacker-in-the-middle or a compromised update server could modify the firmware and the corresponding MD5 hash to pass verification.