Primary

Context

GL.iNet Routers Improper Authorization Vulnerability in Download Interface

Vulnerability

Patched

A vulnerability allowing unauthorized file downloads through the download interface has been identified in multiple GL.iNet router models, all running firmware version 4.x. This issue arises from improper authorization checks, enabling users to access restricted files or resources without the necessary permissions.

Impact

Exploitation of this vulnerability could lead to unauthorized access to files or resources on the affected router.

Remediation

Users are advised to upgrade their routers to the latest firmware version that addresses this vulnerability. For specific upgrade instructions, refer to the GL.iNet security advisory published on April 24, 2025.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

4.5

impact

5.0

exploitability

7.0

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

4.5

impact

5.0

exploitability

7.0

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

GL.iNet Routers Improper Authorization Vulnerability in Download Interface

Vulnerability

Impact

Remediation

Affected Products

GL.iNet GL-A1300 Slate Plus

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating