{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-29T17:53:22.504","vulnerabilities":[{"cve":{"id":"CVE-2024-28077","sourceIdentifier":"cve@mitre.org","published":"2024-08-26T20:15:07.733","lastModified":"2026-06-17T07:20:55.730","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A denial-of-service issue was discovered on certain GL-iNet devices. Some websites can detect devices exposed to the external network through DDNS, and consequently obtain the IP addresses and ports of devices that are exposed. By using special usernames and special characters (such as half parentheses or square brackets), one can call the login interface and cause the session-management program to crash, resulting in customers being unable to log into their devices. This affects MT6000 4.5.6, XE3000 4.4.5, X3000 4.4.6, MT3000 4.5.0, MT2500 4.5.0, AXT1800 4.5.0, AX1800 4.5.0, A1300 4.5.0, S200 4.1.4-0300, X750 4.3.7, SFT1200 4.3.7, MT1300 4.3.10, AR750 4.3.10, AR750S 4.3.10, AR300M 4.3.10, AR300M16 4.3.10, B1300 4.3.10, MT300N-V2 4.3.10, and XE300 4.3.16."},{"lang":"es","value":"Se descubrió un problema de denegación de servicio en ciertos dispositivos GL-iNet. Algunos sitios web pueden detectar dispositivos expuestos a la red externa a través de DDNS y, en consecuencia, obtener las direcciones IP y los puertos de los dispositivos que están expuestos. Al utilizar nombres de usuario especiales y caracteres especiales (como medio paréntesis o corchetes), se puede llamar a la interfaz de inicio de sesión y provocar que el programa de administración de sesiones falle, lo que provocará que los clientes no puedan iniciar sesión en sus dispositivos. Esto afecta a MT6000 4.5.6, XE3000 4.4.5, X3000 4.4.6, MT3000 4.5.0, MT2500 4.5.0, AXT1800 4.5.0, AX1800 4.5.0, A1300 4.5.0, S200 4.1.4-0300, X750 4.3.7, SFT1200 4.3.7, MT1300 4.3.10, AR750 4.3.10, AR750S 4.3.10, AR300M 4.3.10, AR300M16 4.3.10, B1300 4.3.10, MT300N-V2 4.3.10 y XE300 4 .3. 16."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-03-14T13:06:19.124374Z","id":"CVE-2024-28077","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:gl-inet:mt6000_firmware:4.5.6:*:*:*:*:*:*:*","matchCriteriaId":"5C1C6413-DB3D-4B14-9246-38AA5103615D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:gl-inet:mt6000:-:*:*:*:*:*:*:*","matchCriteriaId":"CCDE99A6-DA15-4E4B-8C60-CCB9D580BD82"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:gl-inet:x3000_firmware:4.4.6:*:*:*:*:*:*:*","matchCriteriaId":"861A5EB1-2DFF-479C-9202-590DB6E796C9"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:gl-inet:x3000:-:*:*:*:*:*:*:*","matchCriteriaId":"9479FFAA-9C87-4530-884D-B96055A3D41C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:gl-inet:xe3000_firmware:4.4.4:*:*:*:*:*:*:*","matchCriteriaId":"FB3DD919-EC2B-44CF-AEBD-4EA5A0D52552"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:gl-inet:xe3000:-:*:*:*:*:*:*:*","matchCriteriaId":"265EDD5D-B879-4E8A-A6DE-400BC6273A41"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:gl-inet:a1300_firmware:4.5.0:*:*:*:*:*:*:*","matchCriteriaId":"CD782342-ED71-4BD6-97EB-330F14991957"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:gl-inet:a1300:-:*:*:*:*:*:*:*","matchCriteriaId":"D6DBF472-E98E-4E00-B6A0-6D8FA1678AEA"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:gl-inet:ax1800_firmware:4.5.0:*:*:*:*:*:*:*","matchCriteriaId":"5AE60C1C-957D-472A-BB66-21DA80B97099"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:gl-inet:ax1800:-:*:*:*:*:*:*:*","matchCriteriaId":"BCB312FD-370C-4DF9-961F-F0C4920AA368"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:gl-inet:axt1800_firmware:4.5.0:*:*:*:*:*:*:*","matchCriteriaId":"AED7B3A1-7DEB-4DB0-AA6E-7D27434BD2CD"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:gl-inet:axt1800:-:*:*:*:*:*:*:*","matchCriteriaId":"FF453954-BC32-4577-8CE4-066812193495"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:gl-inet:mt2500_firmware:4.5.0:*:*:*:*:*:*:*","matchCriteriaId":"9C4B6800-8A1B-4522-B5E0-9CC4C09DBA2A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:gl-inet:mt2500:-:*:*:*:*:*:*:*","matchCriteriaId":"3ADF5BF3-0F52-4947-8BC2-3505EDEEDF28"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:gl-inet:mt3000_firmware:4.5.0:*:*:*:*:*:*:*","matchCriteriaId":"79D3F6BA-60D2-495A-8C74-7E74D3DB25A7"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:gl-inet:mt3000:-:*:*:*:*:*:*:*","matchCriteriaId":"AFF2DBFD-2AE0-41BC-B614-9836098119F4"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:gl-inet:xe300_firmware:4.3.16:*:*:*:*:*:*:*","matchCriteriaId":"96241919-0E87-4966-B94F-58DA4DFDA607"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:gl-inet:xe300:-:*:*:*:*:*:*:*","matchCriteriaId":"57D82B62-F057-42A4-8530-86145AE91AC2"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:gl-inet:x750_firmware:4.3.7:*:*:*:*:*:*:*","matchCriteriaId":"0CB74B0F-E141-403A-B480-5B48B9040D4E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:gl-inet:x750:-:*:*:*:*:*:*:*","matchCriteriaId":"3D1EDFF0-F67C-4801-815C-309940BD7338"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:gl-inet:sft1200_firmware:4.3.7:*:*:*:*:*:*:*","matchCriteriaId":"9AE590D9-C0AB-4E3E-8E03-DBF12445AA0B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:gl-inet:sft1200:-:*:*:*:*:*:*:*","matchCriteriaId":"E656351D-E06E-435F-B1E5-34B89FD8B54B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:gl-inet:ar300m_firmware:4.3.10:*:*:*:*:*:*:*","matchCriteriaId":"E53CE790-1466-4BB0-933B-33B531C0DD55"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:gl-inet:ar300m:-:*:*:*:*:*:*:*","matchCriteriaId":"F040AC86-5D7A-4E57-B272-A425DDDE1698"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:gl-inet:ar300m16_firmware:4.3.10:*:*:*:*:*:*:*","matchCriteriaId":"83E73FCD-31F7-4BE9-8D16-FB4FDAC685BF"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:gl-inet:ar300m16:-:*:*:*:*:*:*:*","matchCriteriaId":"FA3E349B-C40F-4DE6-B977-CF677B2F9814"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:gl-inet:ar750_firmware:4.3.10:*:*:*:*:*:*:*","matchCriteriaId":"993B06A2-2BB4-4EBC-904E-802001D9DFEC"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:gl-inet:ar750:-:*:*:*:*:*:*:*","matchCriteriaId":"749A6936-392E-430C-ABD3-33D4C5B3D178"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:gl-inet:ar750s_firmware:4.3.10:*:*:*:*:*:*:*","matchCriteriaId":"AD8F61AA-DE3B-44DC-AE73-7D8E807F918E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:gl-inet:ar750s:-:*:*:*:*:*:*:*","matchCriteriaId":"F18E5F1D-55CD-4F6A-A349-90DD27B29955"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:gl-inet:b1300_firmware:4.3.10:*:*:*:*:*:*:*","matchCriteriaId":"5C1EDB92-F871-4F92-B5CB-9DE24A908D8C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:gl-inet:b1300:-:*:*:*:*:*:*:*","matchCriteriaId":"A47EFE3F-D217-469E-BEE6-5D78037C71C3"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:gl-inet:mt1300_firmware:4.3.10:*:*:*:*:*:*:*","matchCriteriaId":"CE0558E6-FAC8-4569-9AA4-C96823E591C8"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:gl-inet:mt1300:-:*:*:*:*:*:*:*","matchCriteriaId":"5CECA41F-E807-4234-8C41-477DE132210E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:gl-inet:mt300n-v2_firmware:4.3.10:*:*:*:*:*:*:*","matchCriteriaId":"F5BB0698-5585-4511-88EA-7C265EF22F10"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:gl-inet:mt300n-v2:-:*:*:*:*:*:*:*","matchCriteriaId":"797DD304-0AF8-4E2C-8F72-ADF31B8AD6F4"}]}]}],"references":[{"url":"https://github.com/gl-inet/CVE-issues/blob/main/4.0.0/Denial%20of%20service.md","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://gl-inet.com","source":"cve@mitre.org","tags":["Product"]}]}}]}