Beryl AX GL-MT3000

CVEs (2)

• CVE-2025-25685HigMar 17, 2025
  Gl Inet

  Beryl AX GL-MT3000
  risk 0.49cvss 7.5epss 0.00

  An issue was discovered in GL-INet Beryl AX GL-MT3000 v4.7.0. Attackers are able to download arbitrary files from the device's file system via adding symbolic links on an external drive used as a samba share.

• CVE-2025-25684HigMar 17, 2025
  Gl Inet

  Beryl AX GL-MT3000
  risk 0.49cvss 7.5epss 0.00

  A lack of validation in the path parameter (/download) of GL-INet Beryl AX GL-MT3000 v4.7.0 allows attackers to download arbitrary files from the device's file system via a crafted POST request.