GL-iNet Announces Rapidly Exploitable Remote Code Execution Vulnerability Affecting Multiple Products
CVE-2024-39225

9.8CRITICAL

Key Information:

Vendor: Gl-inet
Status: Mt6000 Firmware
Vendor: CVE Published:; 6 August 2024

What is CVE-2024-39225?

GL-iNet wireless routers have been identified with a significant remote code execution vulnerability that allows attackers to execute arbitrary code remotely. This affects various models, including the AR750, AR300M, and MT300N-V2 among others, primarily in versions ranging from v4.3.11 to v4.5.16. An exploitation could lead to unauthorized access or control over the device, posing a severe risk to users. It is crucial for organizations and individuals using these routers to update their firmware to mitigate this risk.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://ar750ar750sar300mar300m16mt300n-v2b1300mt1300sft12...

https://github.com/gl-inet/CVE-issues/blob/main/4.0.0/Byp...

EPSS Score

32% chance of being exploited in the next 30 days.

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Aug 6, 2024

JSON

Gl-inet

What is CVE-2024-39225?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

EPSS Score

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.