CVE-2024-39228

GL-iNet products AR750/AR750S/AR300M/AR300M16/MT300N-V2/B1300/MT1300/SFT1200/X750 v4.3.11, MT3000/MT2500/AXT1800/AX1800/A1300/X300B v4.5.16, XE300 v4.3.16, E750 v4.3.12, AP1300/S1300 v4.3.13, and XE3000/X3000 v4.4 were discovered to contain a shell injection vulnerability via the interface check_ovpn_client_config and check_config.
OS Command Injection

| Provider | Type | Base Score | Atk. Vector | Atk. Complexity | Priv. Required | Vector |
|---|---|---|---|---|---|---|
| NIST | NIST | 9.8 CRITICAL | NETWORK | LOW | NONE | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| mitre | CNA | --- | | | | --- |
| CISA-ADP | ADP | 9.8 CRITICAL | NETWORK | LOW | NONE | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |

Base Score: CVSS 3.x
EPSS Score percentile: 58%

| Vendor | Product | Version |
|---|---|---|
| gl-inet | mt6000_firmware | 4.5.8 |
| gl-inet | a1300_firmware | 4.5.16 |
| gl-inet | x300b_firmware | 4.5.16 |
| gl-inet | ax1800_firmware | 4.5.16 |
| gl-inet | axt1800_firmware | 4.5.16 |
| gl-inet | mt2500_firmware | 4.5.16 |
| gl-inet | mt3000_firmware | 4.5.16 |
| gl-inet | x3000_firmware | 4.4.8 |
| gl-inet | xe3000_firmware | 4.4.8 |
| gl-inet | xe300_firmware | 4.3.16 |
| gl-inet | e750_firmware | 4.3.12 |
| gl-inet | x750_firmware | 4.3.11 |
| gl-inet | sft1200_firmware | 4.3.11 |
| gl-inet | ar300m_firmware | 4.3.11 |
| gl-inet | ar300m16_firmware | 4.3.11 |
| gl-inet | ar750_firmware | 4.3.11 |
| gl-inet | ar750s_firmware | 4.3.11 |
| gl-inet | b1300_firmware | 4.3.11 |
| gl-inet | mt1300_firmware | 4.3.11 |
| gl-inet | mt300n-v2_firmware | 4.3.11 |
| gl-inet | ap1300_firmware | 3.217 |
| gl-inet | b2200_firmware | 3.216 |
| gl-inet | mv1000_firmware | 3.216 |
| gl-inet | mv1000w_firmware | 3.216 |
| gl-inet | usb150_firmware | 3.216 |
| gl-inet | sf1200_firmware | 3.216 |
| gl-inet | n300_firmware | 3.216 |
| gl-inet | s1300_firmware | 3.216 |

𝑥 = Vulnerable software versions