Main Vulnerability Database SB2025051227

SB2025051227 - Multiple vulnerabilities in GL.iNet routers

Published: May 12, 2025

Security Bulletin ID SB2025051227

CSH Severity

High

Patch available

YES

Number of vulnerabilities 4

Exploitation vector Remote access

Highest impact Denial of service

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 4 vulnerabilities.

1) OS Command Injection (CVE-ID: CVE-2024-57391)

CWE-ID: CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

The vulnerability allows a remote user to execute arbitrary shell commands on the target system.

The vulnerability exists due to improper input validation. A remote administrator can pass specially crafted data to the application and execute arbitrary OS commands on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

2) Inefficient regular expression complexity (CVE-ID: CVE-2025-2811)

CWE-ID: CWE-1333 - Inefficient Regular Expression Complexity

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient input validation when processing untrusted input with a regular expressions. A remote attacker can pass specially crafted data to the application and perform regular expression denial of service (ReDos) attack.

3) Improper Authorization (CVE-ID: CVE-2025-2850)

CWE-ID: CWE-285 - Improper Authorization

CVSSv4: CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green

The vulnerability allows a remote attacker to bypass authorization checks.

The vulnerability exists due to improper authorization. A remote user on the local network can cause arbitrary file download of router in download interfaces.

4) Buffer overflow (CVE-ID: CVE-2025-2851)

CWE-ID: CWE-119 - Memory corruption

CVSSv4: CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error within the rpc in the plugins.so library. A remote user on the local network can trigger memory corruption and execute arbitrary code on the target system.

Remediation

Install update from vendor's website.

References

Vulnerable Software

GL-AX1800 Flint: 4.6.8 and previous versions
GL-AXT1800 Slate AX: 4.6.8 and previous versions
GL-MT2500 Brume 2: 4.7.0 and previous versions
GL-MT3000 Beryl AX: 4.7.0 and previous versions
GL-MT6000 Flint 2: 4.7.0 and previous versions
GL-B3000 Marble: 4.5.19 and previous versions
GL-A1300 Slate Plus: 4.5.19 and previous versions
GL-X300B Collie: 4.5.19 and previous versions
GL-X3000 Spitz AX: 4.4.13 and previous versions
GL-XE3000 Puli AX: 4.4.13 and previous versions
GL-SFT1200 Opal: 4.3.24 and previous versions
GL-X750 Spitz: 4.3.19 and previous versions
GL-MT1300 Beryl: 4.3.19 and previous versions
GL-E750/GL-E750V2 Mudi: 4.3.19 and previous versions
GL-XE300 Puli: 4.3.18 and previous versions
GL-AR750 Creta: 4.3.18 and previous versions
GL-AR750S-EXT Slate: 4.3.18 and previous versions
GL-AR300M Shadow: 4.3.18 and previous versions
GL-AR300M16 Shadow: 4.3.18 and previous versions
GL-B1300 Convexa-B: 4.3.18 and previous versions
GL-MT300N-V2 Mango: 4.3.18 and previous versions
GL-BE3600 Slate 7: before 4.7.1

SB2025051227 - Multiple vulnerabilities in GL.iNet routers

Breakdown by Severity

Description

Remediation

References

Please verify you're human