GL.iNet Products Buffer Overflow Vulnerability in RPC Handler

Vulnerability

A critical buffer overflow vulnerability has been identified in multiple GL.iNet router models running firmware version 4.x. The affected code is an unknown function in the file 'plugins.so', related to the RPC handler. The flaw allows memory manipulation, which could potentially be exploited to execute arbitrary code or cause a denial-of-service condition.

Impact

Exploitation of this vulnerability leads to a buffer overflow, which can commonly result in arbitrary code execution or a device crash.

Remediation

Users are advised to upgrade to the latest firmware version available for their specific router model. Instructions for downloading the updated firmware can be found on the GL.iNet website or through the GL.iNet GitHub page.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 4.5
impact: 10.0
exploitability: 4.9
remediation: 7.7
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.