Search

Find a vulnerability

Search criteria

    2 vulnerabilities found for s200_firmware by gl-inet

    CVE-2024-27356 (GCVE-0-2024-27356)

    Vulnerability from nvd – Published: 2024-02-27 00:00 – Updated: 2025-03-24 15:44
    VLAI
    Summary
    An issue was discovered on certain GL-iNet devices. Attackers can download files such as logs via commands, potentially obtaining critical user information. This affects MT6000 4.5.5, XE3000 4.4.4, X3000 4.4.5, MT3000 4.5.0, MT2500 4.5.0, AXT1800 4.5.0, AX1800 4.5.0, A1300 4.5.0, S200 4.1.4-0300, X750 4.3.7, SFT1200 4.3.7, XE300 4.3.7, MT1300 4.3.10, AR750 4.3.10, AR750S 4.3.10, AR300M 4.3.10, AR300M16 4.3.10, B1300 4.3.10, MT300N-v2 4.3.10, X300B 3.217, S1300 3.216, SF1200 3.216, MV1000 3.216, N300 3.216, B2200 3.216, and X1200 3.203.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • n/a
    • CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
    Assigner
    Impacted products
    Vendor Product Version
    gl-inet mt1300 Affected: 4.3.10
        cpe:2.3:a:gl-inet:mt1300:4.3.10:*:*:*:*:*:*:*
    Create a notification for this product.
    gl-inet ar750 Affected: 4.3.10
        cpe:2.3:a:gl-inet:ar750:4.3.10:*:*:*:*:*:*:*
    Create a notification for this product.
    gl-inet ar750s Affected: 4.3.10
        cpe:2.3:a:gl-inet:ar750s:4.3.10:*:*:*:*:*:*:*
    Create a notification for this product.
    gl.inet MT6000 Affected: 4.5.5
        cpe:2.3:h:gl.inet:MT6000:-:*:*:*:*:*:*:*
    Create a notification for this product.
    gl-inet xe3000 Affected: 4.4.4
        cpe:2.3:a:gl-inet:xe3000:4.4.4:*:*:*:*:*:*:*
    Create a notification for this product.
    gl-inet x3000 Affected: 4.4.5
        cpe:2.3:a:gl-inet:x3000:4.4.5:*:*:*:*:*:*:*
    Create a notification for this product.
    gl-inet mt3000 Affected: 4.5.0
        cpe:2.3:a:gl-inet:mt3000:4.5.0:*:*:*:*:*:*:*
    Create a notification for this product.
    gl-inet mt2500 Affected: 4.5.0
        cpe:2.3:a:gl-inet:mt2500:4.5.0:*:*:*:*:*:*:*
    Create a notification for this product.
    gl-inet axt1800 Affected: 4.5.0
        cpe:2.3:a:gl-inet:axt1800:4.5.0:*:*:*:*:*:*:*
    Create a notification for this product.
    gl-inet ax1800 Affected: 4.5.0
        cpe:2.3:a:gl-inet:ax1800:4.5.0:*:*:*:*:*:*:*
    Create a notification for this product.
    gl-inet a1300 Affected: 4.5.0
        cpe:2.3:a:gl-inet:a1300:4.5.0:*:*:*:*:*:*:*
    Create a notification for this product.
    gl-inet s200 Affected: 4.1.4
        cpe:2.3:a:gl-inet:s200:4.1.4:*:*:*:*:*:*:*
    Create a notification for this product.
    gl-inet 0300 Affected: 4.3.7
        cpe:2.3:a:gl-inet:0300:*:*:*:*:*:*:*:*
    Create a notification for this product.
    gl-inet x750 Affected: 4.3.7
        cpe:2.3:a:gl-inet:x750:4.3.7:*:*:*:*:*:*:*
    Create a notification for this product.
    gl-inet sft1200 Affected: 4.3.7
        cpe:2.3:a:gl-inet:sft1200:4.3.7:*:*:*:*:*:*:*
    Create a notification for this product.
    gl-inet xe300 Affected: 4.3.7
        cpe:2.3:a:gl-inet:xe300:4.3.7:*:*:*:*:*:*:*
    Create a notification for this product.
    gl-inet ar3000m Affected: 4.3.10
        cpe:2.3:a:gl-inet:ar3000m:4.3.10:*:*:*:*:*:*:*
    Create a notification for this product.
    gl-inet ar3000m16 Affected: 4.3.10
        cpe:2.3:a:gl-inet:ar3000m16:4.3.10:*:*:*:*:*:*:*
    Create a notification for this product.
    gl-inet b1300 Affected: 4.3.10
        cpe:2.3:a:gl-inet:b1300:4.3.10:*:*:*:*:*:*:*
    Create a notification for this product.
    gl-inet mt300nv2 Affected: 4.3.10
        cpe:2.3:a:gl-inet:mt300nv2:4.3.10:*:*:*:*:*:*:*
    Create a notification for this product.
    gl-inet x300b Affected: 3.217
        cpe:2.3:a:gl-inet:x300b:3.217:*:*:*:*:*:*:*
    Create a notification for this product.
    gl-inet s1300 Affected: 3.216
        cpe:2.3:a:gl-inet:s1300:3.216:*:*:*:*:*:*:*
    Create a notification for this product.
    gl-inet sf1200 Affected: 3.216
        cpe:2.3:a:gl-inet:sf1200:3.216:*:*:*:*:*:*:*
    Create a notification for this product.
    gl-inet mv1000 Affected: 3.216
        cpe:2.3:a:gl-inet:mv1000:3.216:*:*:*:*:*:*:*
    Create a notification for this product.
    gl-inet n300 Affected: 3.216
        cpe:2.3:a:gl-inet:n300:3.216:*:*:*:*:*:*:*
    Create a notification for this product.
    gl-inet b2200 Affected: 3.216
        cpe:2.3:a:gl-inet:b2200:3.216:*:*:*:*:*:*:*
    Create a notification for this product.
    gl-i x1200 Affected: 3.203
        cpe:2.3:a:gl-i:x1200:3.203:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T00:34:51.986Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://gl-inet.com"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://github.com/gl-inet/CVE-issues/blob/main/4.0.0/Download_file_vulnerability.md"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:gl-inet:mt1300:4.3.10:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "mt1300",
                "vendor": "gl-inet",
                "versions": [
                  {
                    "status": "affected",
                    "version": "4.3.10"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:gl-inet:ar750:4.3.10:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "ar750",
                "vendor": "gl-inet",
                "versions": [
                  {
                    "status": "affected",
                    "version": "4.3.10"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:gl-inet:ar750s:4.3.10:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "ar750s",
                "vendor": "gl-inet",
                "versions": [
                  {
                    "status": "affected",
                    "version": "4.3.10"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:gl.inet:MT6000:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "MT6000",
                "vendor": "gl.inet",
                "versions": [
                  {
                    "status": "affected",
                    "version": "4.5.5"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:gl-inet:xe3000:4.4.4:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "xe3000",
                "vendor": "gl-inet",
                "versions": [
                  {
                    "status": "affected",
                    "version": "4.4.4"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:gl-inet:x3000:4.4.5:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "x3000",
                "vendor": "gl-inet",
                "versions": [
                  {
                    "status": "affected",
                    "version": "4.4.5"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:gl-inet:mt3000:4.5.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "mt3000",
                "vendor": "gl-inet",
                "versions": [
                  {
                    "status": "affected",
                    "version": "4.5.0"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:gl-inet:mt2500:4.5.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "mt2500",
                "vendor": "gl-inet",
                "versions": [
                  {
                    "status": "affected",
                    "version": "4.5.0"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:gl-inet:axt1800:4.5.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "axt1800",
                "vendor": "gl-inet",
                "versions": [
                  {
                    "status": "affected",
                    "version": "4.5.0"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:gl-inet:ax1800:4.5.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "ax1800",
                "vendor": "gl-inet",
                "versions": [
                  {
                    "status": "affected",
                    "version": "4.5.0"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:gl-inet:a1300:4.5.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "a1300",
                "vendor": "gl-inet",
                "versions": [
                  {
                    "status": "affected",
                    "version": "4.5.0"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:gl-inet:s200:4.1.4:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "s200",
                "vendor": "gl-inet",
                "versions": [
                  {
                    "status": "affected",
                    "version": "4.1.4"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:gl-inet:0300:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "0300",
                "vendor": "gl-inet",
                "versions": [
                  {
                    "status": "affected",
                    "version": "4.3.7"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:gl-inet:x750:4.3.7:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "x750",
                "vendor": "gl-inet",
                "versions": [
                  {
                    "status": "affected",
                    "version": "4.3.7"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:gl-inet:sft1200:4.3.7:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "sft1200",
                "vendor": "gl-inet",
                "versions": [
                  {
                    "status": "affected",
                    "version": "4.3.7"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:gl-inet:xe300:4.3.7:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "xe300",
                "vendor": "gl-inet",
                "versions": [
                  {
                    "status": "affected",
                    "version": "4.3.7"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:gl-inet:ar3000m:4.3.10:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "ar3000m",
                "vendor": "gl-inet",
                "versions": [
                  {
                    "status": "affected",
                    "version": "4.3.10"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:gl-inet:ar3000m16:4.3.10:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "ar3000m16",
                "vendor": "gl-inet",
                "versions": [
                  {
                    "status": "affected",
                    "version": "4.3.10"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:gl-inet:b1300:4.3.10:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "b1300",
                "vendor": "gl-inet",
                "versions": [
                  {
                    "status": "affected",
                    "version": "4.3.10"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:gl-inet:mt300nv2:4.3.10:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "mt300nv2",
                "vendor": "gl-inet",
                "versions": [
                  {
                    "status": "affected",
                    "version": "4.3.10"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:gl-inet:x300b:3.217:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "x300b",
                "vendor": "gl-inet",
                "versions": [
                  {
                    "status": "affected",
                    "version": "3.217"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:gl-inet:s1300:3.216:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "s1300",
                "vendor": "gl-inet",
                "versions": [
                  {
                    "status": "affected",
                    "version": "3.216"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:gl-inet:sf1200:3.216:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "sf1200",
                "vendor": "gl-inet",
                "versions": [
                  {
                    "status": "affected",
                    "version": "3.216"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:gl-inet:mv1000:3.216:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "mv1000",
                "vendor": "gl-inet",
                "versions": [
                  {
                    "status": "affected",
                    "version": "3.216"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:gl-inet:n300:3.216:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "n300",
                "vendor": "gl-inet",
                "versions": [
                  {
                    "status": "affected",
                    "version": "3.216"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:gl-inet:b2200:3.216:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "b2200",
                "vendor": "gl-inet",
                "versions": [
                  {
                    "status": "affected",
                    "version": "3.216"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:gl-i:x1200:3.203:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "x1200",
                "vendor": "gl-i",
                "versions": [
                  {
                    "status": "affected",
                    "version": "3.203"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-27356",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-02-27T15:51:15.040940Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-200",
                    "description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-03-24T15:44:54.024Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "An issue was discovered on certain GL-iNet devices. Attackers can download files such as logs via commands, potentially obtaining critical user information. This affects MT6000 4.5.5, XE3000 4.4.4, X3000 4.4.5, MT3000 4.5.0, MT2500 4.5.0, AXT1800 4.5.0, AX1800 4.5.0, A1300 4.5.0, S200 4.1.4-0300, X750 4.3.7, SFT1200 4.3.7, XE300 4.3.7, MT1300 4.3.10, AR750 4.3.10, AR750S 4.3.10, AR300M 4.3.10, AR300M16 4.3.10, B1300 4.3.10, MT300N-v2 4.3.10, X300B 3.217, S1300 3.216, SF1200 3.216, MV1000 3.216, N300 3.216, B2200 3.216, and X1200 3.203."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-02-27T00:17:16.406Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "url": "https://gl-inet.com"
            },
            {
              "url": "https://github.com/gl-inet/CVE-issues/blob/main/4.0.0/Download_file_vulnerability.md"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2024-27356",
        "datePublished": "2024-02-27T00:00:00.000Z",
        "dateReserved": "2024-02-25T00:00:00.000Z",
        "dateUpdated": "2025-03-24T15:44:54.024Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-27356 (GCVE-0-2024-27356)

    Vulnerability from cvelistv5 – Published: 2024-02-27 00:00 – Updated: 2025-03-24 15:44
    VLAI
    Summary
    An issue was discovered on certain GL-iNet devices. Attackers can download files such as logs via commands, potentially obtaining critical user information. This affects MT6000 4.5.5, XE3000 4.4.4, X3000 4.4.5, MT3000 4.5.0, MT2500 4.5.0, AXT1800 4.5.0, AX1800 4.5.0, A1300 4.5.0, S200 4.1.4-0300, X750 4.3.7, SFT1200 4.3.7, XE300 4.3.7, MT1300 4.3.10, AR750 4.3.10, AR750S 4.3.10, AR300M 4.3.10, AR300M16 4.3.10, B1300 4.3.10, MT300N-v2 4.3.10, X300B 3.217, S1300 3.216, SF1200 3.216, MV1000 3.216, N300 3.216, B2200 3.216, and X1200 3.203.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • n/a
    • CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
    Assigner
    Impacted products
    Vendor Product Version
    gl-inet mt1300 Affected: 4.3.10
        cpe:2.3:a:gl-inet:mt1300:4.3.10:*:*:*:*:*:*:*
    Create a notification for this product.
    gl-inet ar750 Affected: 4.3.10
        cpe:2.3:a:gl-inet:ar750:4.3.10:*:*:*:*:*:*:*
    Create a notification for this product.
    gl-inet ar750s Affected: 4.3.10
        cpe:2.3:a:gl-inet:ar750s:4.3.10:*:*:*:*:*:*:*
    Create a notification for this product.
    gl.inet MT6000 Affected: 4.5.5
        cpe:2.3:h:gl.inet:MT6000:-:*:*:*:*:*:*:*
    Create a notification for this product.
    gl-inet xe3000 Affected: 4.4.4
        cpe:2.3:a:gl-inet:xe3000:4.4.4:*:*:*:*:*:*:*
    Create a notification for this product.
    gl-inet x3000 Affected: 4.4.5
        cpe:2.3:a:gl-inet:x3000:4.4.5:*:*:*:*:*:*:*
    Create a notification for this product.
    gl-inet mt3000 Affected: 4.5.0
        cpe:2.3:a:gl-inet:mt3000:4.5.0:*:*:*:*:*:*:*
    Create a notification for this product.
    gl-inet mt2500 Affected: 4.5.0
        cpe:2.3:a:gl-inet:mt2500:4.5.0:*:*:*:*:*:*:*
    Create a notification for this product.
    gl-inet axt1800 Affected: 4.5.0
        cpe:2.3:a:gl-inet:axt1800:4.5.0:*:*:*:*:*:*:*
    Create a notification for this product.
    gl-inet ax1800 Affected: 4.5.0
        cpe:2.3:a:gl-inet:ax1800:4.5.0:*:*:*:*:*:*:*
    Create a notification for this product.
    gl-inet a1300 Affected: 4.5.0
        cpe:2.3:a:gl-inet:a1300:4.5.0:*:*:*:*:*:*:*
    Create a notification for this product.
    gl-inet s200 Affected: 4.1.4
        cpe:2.3:a:gl-inet:s200:4.1.4:*:*:*:*:*:*:*
    Create a notification for this product.
    gl-inet 0300 Affected: 4.3.7
        cpe:2.3:a:gl-inet:0300:*:*:*:*:*:*:*:*
    Create a notification for this product.
    gl-inet x750 Affected: 4.3.7
        cpe:2.3:a:gl-inet:x750:4.3.7:*:*:*:*:*:*:*
    Create a notification for this product.
    gl-inet sft1200 Affected: 4.3.7
        cpe:2.3:a:gl-inet:sft1200:4.3.7:*:*:*:*:*:*:*
    Create a notification for this product.
    gl-inet xe300 Affected: 4.3.7
        cpe:2.3:a:gl-inet:xe300:4.3.7:*:*:*:*:*:*:*
    Create a notification for this product.
    gl-inet ar3000m Affected: 4.3.10
        cpe:2.3:a:gl-inet:ar3000m:4.3.10:*:*:*:*:*:*:*
    Create a notification for this product.
    gl-inet ar3000m16 Affected: 4.3.10
        cpe:2.3:a:gl-inet:ar3000m16:4.3.10:*:*:*:*:*:*:*
    Create a notification for this product.
    gl-inet b1300 Affected: 4.3.10
        cpe:2.3:a:gl-inet:b1300:4.3.10:*:*:*:*:*:*:*
    Create a notification for this product.
    gl-inet mt300nv2 Affected: 4.3.10
        cpe:2.3:a:gl-inet:mt300nv2:4.3.10:*:*:*:*:*:*:*
    Create a notification for this product.
    gl-inet x300b Affected: 3.217
        cpe:2.3:a:gl-inet:x300b:3.217:*:*:*:*:*:*:*
    Create a notification for this product.
    gl-inet s1300 Affected: 3.216
        cpe:2.3:a:gl-inet:s1300:3.216:*:*:*:*:*:*:*
    Create a notification for this product.
    gl-inet sf1200 Affected: 3.216
        cpe:2.3:a:gl-inet:sf1200:3.216:*:*:*:*:*:*:*
    Create a notification for this product.
    gl-inet mv1000 Affected: 3.216
        cpe:2.3:a:gl-inet:mv1000:3.216:*:*:*:*:*:*:*
    Create a notification for this product.
    gl-inet n300 Affected: 3.216
        cpe:2.3:a:gl-inet:n300:3.216:*:*:*:*:*:*:*
    Create a notification for this product.
    gl-inet b2200 Affected: 3.216
        cpe:2.3:a:gl-inet:b2200:3.216:*:*:*:*:*:*:*
    Create a notification for this product.
    gl-i x1200 Affected: 3.203
        cpe:2.3:a:gl-i:x1200:3.203:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T00:34:51.986Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://gl-inet.com"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://github.com/gl-inet/CVE-issues/blob/main/4.0.0/Download_file_vulnerability.md"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:gl-inet:mt1300:4.3.10:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "mt1300",
                "vendor": "gl-inet",
                "versions": [
                  {
                    "status": "affected",
                    "version": "4.3.10"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:gl-inet:ar750:4.3.10:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "ar750",
                "vendor": "gl-inet",
                "versions": [
                  {
                    "status": "affected",
                    "version": "4.3.10"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:gl-inet:ar750s:4.3.10:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "ar750s",
                "vendor": "gl-inet",
                "versions": [
                  {
                    "status": "affected",
                    "version": "4.3.10"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:gl.inet:MT6000:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "MT6000",
                "vendor": "gl.inet",
                "versions": [
                  {
                    "status": "affected",
                    "version": "4.5.5"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:gl-inet:xe3000:4.4.4:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "xe3000",
                "vendor": "gl-inet",
                "versions": [
                  {
                    "status": "affected",
                    "version": "4.4.4"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:gl-inet:x3000:4.4.5:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "x3000",
                "vendor": "gl-inet",
                "versions": [
                  {
                    "status": "affected",
                    "version": "4.4.5"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:gl-inet:mt3000:4.5.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "mt3000",
                "vendor": "gl-inet",
                "versions": [
                  {
                    "status": "affected",
                    "version": "4.5.0"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:gl-inet:mt2500:4.5.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "mt2500",
                "vendor": "gl-inet",
                "versions": [
                  {
                    "status": "affected",
                    "version": "4.5.0"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:gl-inet:axt1800:4.5.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "axt1800",
                "vendor": "gl-inet",
                "versions": [
                  {
                    "status": "affected",
                    "version": "4.5.0"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:gl-inet:ax1800:4.5.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "ax1800",
                "vendor": "gl-inet",
                "versions": [
                  {
                    "status": "affected",
                    "version": "4.5.0"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:gl-inet:a1300:4.5.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "a1300",
                "vendor": "gl-inet",
                "versions": [
                  {
                    "status": "affected",
                    "version": "4.5.0"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:gl-inet:s200:4.1.4:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "s200",
                "vendor": "gl-inet",
                "versions": [
                  {
                    "status": "affected",
                    "version": "4.1.4"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:gl-inet:0300:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "0300",
                "vendor": "gl-inet",
                "versions": [
                  {
                    "status": "affected",
                    "version": "4.3.7"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:gl-inet:x750:4.3.7:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "x750",
                "vendor": "gl-inet",
                "versions": [
                  {
                    "status": "affected",
                    "version": "4.3.7"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:gl-inet:sft1200:4.3.7:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "sft1200",
                "vendor": "gl-inet",
                "versions": [
                  {
                    "status": "affected",
                    "version": "4.3.7"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:gl-inet:xe300:4.3.7:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "xe300",
                "vendor": "gl-inet",
                "versions": [
                  {
                    "status": "affected",
                    "version": "4.3.7"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:gl-inet:ar3000m:4.3.10:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "ar3000m",
                "vendor": "gl-inet",
                "versions": [
                  {
                    "status": "affected",
                    "version": "4.3.10"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:gl-inet:ar3000m16:4.3.10:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "ar3000m16",
                "vendor": "gl-inet",
                "versions": [
                  {
                    "status": "affected",
                    "version": "4.3.10"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:gl-inet:b1300:4.3.10:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "b1300",
                "vendor": "gl-inet",
                "versions": [
                  {
                    "status": "affected",
                    "version": "4.3.10"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:gl-inet:mt300nv2:4.3.10:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "mt300nv2",
                "vendor": "gl-inet",
                "versions": [
                  {
                    "status": "affected",
                    "version": "4.3.10"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:gl-inet:x300b:3.217:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "x300b",
                "vendor": "gl-inet",
                "versions": [
                  {
                    "status": "affected",
                    "version": "3.217"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:gl-inet:s1300:3.216:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "s1300",
                "vendor": "gl-inet",
                "versions": [
                  {
                    "status": "affected",
                    "version": "3.216"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:gl-inet:sf1200:3.216:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "sf1200",
                "vendor": "gl-inet",
                "versions": [
                  {
                    "status": "affected",
                    "version": "3.216"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:gl-inet:mv1000:3.216:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "mv1000",
                "vendor": "gl-inet",
                "versions": [
                  {
                    "status": "affected",
                    "version": "3.216"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:gl-inet:n300:3.216:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "n300",
                "vendor": "gl-inet",
                "versions": [
                  {
                    "status": "affected",
                    "version": "3.216"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:gl-inet:b2200:3.216:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "b2200",
                "vendor": "gl-inet",
                "versions": [
                  {
                    "status": "affected",
                    "version": "3.216"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:gl-i:x1200:3.203:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "x1200",
                "vendor": "gl-i",
                "versions": [
                  {
                    "status": "affected",
                    "version": "3.203"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-27356",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-02-27T15:51:15.040940Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-200",
                    "description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-03-24T15:44:54.024Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "An issue was discovered on certain GL-iNet devices. Attackers can download files such as logs via commands, potentially obtaining critical user information. This affects MT6000 4.5.5, XE3000 4.4.4, X3000 4.4.5, MT3000 4.5.0, MT2500 4.5.0, AXT1800 4.5.0, AX1800 4.5.0, A1300 4.5.0, S200 4.1.4-0300, X750 4.3.7, SFT1200 4.3.7, XE300 4.3.7, MT1300 4.3.10, AR750 4.3.10, AR750S 4.3.10, AR300M 4.3.10, AR300M16 4.3.10, B1300 4.3.10, MT300N-v2 4.3.10, X300B 3.217, S1300 3.216, SF1200 3.216, MV1000 3.216, N300 3.216, B2200 3.216, and X1200 3.203."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-02-27T00:17:16.406Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "url": "https://gl-inet.com"
            },
            {
              "url": "https://github.com/gl-inet/CVE-issues/blob/main/4.0.0/Download_file_vulnerability.md"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2024-27356",
        "datePublished": "2024-02-27T00:00:00.000Z",
        "dateReserved": "2024-02-25T00:00:00.000Z",
        "dateUpdated": "2025-03-24T15:44:54.024Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }