Gl-inet Ar300m16 Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Gl-inet Ar300m16 Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (17)
CVE-2026-26792 — CVSS 9.8 (critical): GL-iNet GL-AR300M16 v4.3.11 was discovered to contain multiple command injection vulnerabilities in the set_upgrade function via the…
CVE-2026-26795 — CVSS 9.8 (critical): GL-iNet GL-AR300M16 v4.3.11 was discovered to contain a command injection vulnerability via the module parameter in the M.get_system_log…
CVE-2026-26791 — CVSS 9.8 (critical): GL-iNet GL-AR300M16 v4.3.11 was discovered to contain a command injection vulnerability via the string port parameter in the…
CVE-2026-26793 — CVSS 9.8 (critical): GL-iNet GL-AR300M16 v4.3.11 was discovered to contain a command injection vulnerability via the set_config function. This vulnerability…
CVE-2024-45262 — CVSS 8.8 (high): An issue was discovered on certain GL-iNet devices, including MT6000, MT3000, MT2500, AXT1800, and AX1800 4.6.2. The params parameter in…
CVE-2026-26794 — CVSS 8.8 (high): GL-iNet GL-AR300M16 v4.3.11 was discovered to contain a SQL injection vulnerability via the add_group() function. This vulnerability allows…
CVE-2024-45263 — CVSS 8.8 (high): An issue was discovered on certain GL-iNet devices, including MT6000, MT3000, MT2500, AXT1800, and AX1800 4.6.2. The upload interface…
CVE-2024-45260 — CVSS 8.0 (high): An issue was discovered on certain GL-iNet devices, including MT6000, MT3000, MT2500, AXT1800, and AX1800 4.6.2. Users who belong to…
CVE-2024-45261 — CVSS 8.0 (high): An issue was discovered on certain GL-iNet devices, including MT6000, MT3000, MT2500, AXT1800, and AX1800 4.6.2. The SID generated for a…
CVE-2024-27356 — CVSS 7.5 (high): An issue was discovered on certain GL-iNet devices. Attackers can download files such as logs via commands, potentially obtaining critical…
CVE-2024-28077 — CVSS 7.5 (high): A denial-of-service issue was discovered on certain GL-iNet devices. Some websites can detect devices exposed to the external network…
CVE-2024-45259 — CVSS 6.5 (medium): An issue was discovered on certain GL-iNet devices, including MT6000, MT3000, MT2500, AXT1800, and AX1800 4.6.2. By intercepting an HTTP…
CVE-2024-39229 — CVSS 5.3 (medium): An issue in GL-iNet products AR750/AR750S/AR300M/AR300M16/MT300N-V2/B1300/MT1300/SFT1200/X750 v4.3.11, MT3000/MT2500/AXT1800/AX1800/A1300/X3…