CVE-2024-39226
06.08.2024, 16:15
GL-iNet products AR750/AR750S/AR300M/AR300M16/MT300N-V2/B1300/MT1300/SFT1200/X750 v4.3.11, MT3000/MT2500/AXT1800/AX1800/A1300/X300B v4.5.16, XE300 v4.3.16, E750 v4.3.12, AP1300/S1300 v4.3.13, and XE3000/X3000 v4.4 were discovered to contain a vulnerability can be exploited to manipulate routers by passing malicious shell commands through the s2s API.
| Vendor | Product | Version |
|---|---|---|
| gl-inet | mt6000_firmware | 4.5.8 |
| gl-inet | a1300_firmware | 4.5.16 |
| gl-inet | x300b_firmware | 4.5.16 |
| gl-inet | ax1800_firmware | 4.5.16 |
| gl-inet | axt1800_firmware | 4.5.16 |
| gl-inet | mt2500_firmware | 4.5.16 |
| gl-inet | mt3000_firmware | 4.5.16 |
| gl-inet | x3000_firmware | 4.4.8 |
| gl-inet | xe3000_firmware | 4.4.8 |
| gl-inet | xe300_firmware | 4.3.16 |
| gl-inet | e750_firmware | 4.3.12 |
| gl-inet | x750_firmware | 4.3.11 |
| gl-inet | sft1200_firmware | 4.3.11 |
| gl-inet | ar300m_firmware | 4.3.11 |
| gl-inet | ar300m16_firmware | 4.3.11 |
| gl-inet | ar750_firmware | 4.3.11 |
| gl-inet | ar750s_firmware | 4.3.11 |
| gl-inet | b1300_firmware | 4.3.11 |
| gl-inet | mt1300_firmware | 4.3.11 |
| gl-inet | mt300n-v2_firmware | 4.3.11 |
| gl-inet | ap1300_firmware | 3.217 |
| gl-inet | b2200_firmware | 3.216 |
| gl-inet | mv1000_firmware | 3.216 |
| gl-inet | mv1000w_firmware | 3.216 |
| gl-inet | usb150_firmware | 3.216 |
| gl-inet | sf1200_firmware | 3.216 |
| gl-inet | n300_firmware | 3.216 |
| gl-inet | s1300_firmware | 3.216 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')The software uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the software does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.
- CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')The software constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component.