CVE-2024-45261
HIGH EPSS 37.8%
Published Oct 24, 20241y ago · Modified Jun 17, 20261w ago
8.0 CVSS 3.1
Published Oct 24, 2024 1y ago
Last Modified Jun 17, 2026 1w ago
Description
An issue was discovered on certain GL-iNet devices, including MT6000, MT3000, MT2500, AXT1800, and AX1800 4.6.2. The SID generated for a specific user is not tied to that user itself, which allows other users to potentially use it for authentication. Once an attacker bypasses the application's authentication procedures, they can generate a valid SID, escalate privileges, and gain full control.
CVSS Details
Base Score
Exploitability
Impact
Vector string
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Attack Vector Adjacent
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality High
Integrity High
Availability High
Threat Intelligence
EPSS Exploit Probability
37.8% percentile
Exploit & Patch Status
Public Exploit Known
No Patch Available
Weaknesses 1
CWE-863 Incorrect Authorization Authorization
Affected Products 42
| Vendor | Product | Version | Range |
|---|---|---|---|
| gl-inet | mt2500_firmware | * | ≥4.6.2 – <4.6.4 |
| gl-inet | mt2500 | * | any |
| gl-inet | axt1800_firmware | * | ≥4.6.2 – <4.6.4 |
| gl-inet | axt1800 | * | any |
| gl-inet | ax1800_firmware | * | ≥4.6.2 – <4.6.4 |
| gl-inet | ax1800 | * | any |
| gl-inet | b3000_firmware | 4.5.18 | any |
| gl-inet | b3000 | * | any |
| gl-inet | a1300_firmware | 4.5.17 | any |
| gl-inet | a1300 | * | any |
| gl-inet | x300b_firmware | 4.5.17 | any |
| gl-inet | x300b | * | any |
| gl-inet | x3000_firmware | 4.4.9 | any |
| gl-inet | x3000 | * | any |
| gl-inet | xe3000_firmware | 4.4.9 | any |
| gl-inet | xe3000 | * | any |
| gl-inet | x750_firmware | 4.3.18 | any |
| gl-inet | x750 | * | any |
| gl-inet | sft1200_firmware | 4.3.18 | any |
| gl-inet | sft1200 | * | any |
| gl-inet | mt1300_firmware | 4.3.18 | any |
| gl-inet | mt1300 | * | any |
| gl-inet | e750_firmware | 4.3.17 | any |
| gl-inet | e750 | * | any |
| gl-inet | xe300_firmware | 4.3.17 | any |
| gl-inet | xe300 | * | any |
| gl-inet | ar750_firmware | 4.3.17 | any |
| gl-inet | ar750 | * | any |
| gl-inet | ar750s_firmware | 4.3.17 | any |
| gl-inet | ar750s | * | any |
| gl-inet | ar300m_firmware | 4.3.17 | any |
| gl-inet | ar300m | * | any |
| gl-inet | mt300n-v2_firmware | 4.3.17 | any |
| gl-inet | mt300n-v2 | * | any |
| gl-inet | mt3000_firmware | 4.6.2 | any |
| gl-inet | gl-mt3000 | * | any |
| gl-inet | ar300m16_firmware | 4.3.17 | any |
| gl-inet | ar300m16 | * | any |
| gl-inet | mt6000_firmware | 4.6.2 | any |
| gl-inet | mt6000 | * | any |
| gl-inet | b1300_firmware | 4.3.17 | any |
| gl-inet | b1300 | * | any |
References 1
- github.com https://github.com/gl-inet/CVE-issues/blob/main/4.0.0/Bypassing%20Login%20Mechanism%20with%20Passwordless%20User%20Login.md
Remediation
No remediation data recorded yet
Check vendor advisories and the NVD entry for patch availability.