Vulnerabilities > GL Inet > GL Ar300M Lite Firmware > Medium

DATE CVE VULNERABILITY TITLE RISK
2019-03-21 CVE-2019-6275 Command Injection vulnerability in Gl-Inet Gl-Ar300M-Lite Firmware 2.27
Command injection vulnerability in firmware_cgi in GL.iNet GL-AR300M-Lite devices with firmware 2.27 allows remote attackers to execute arbitrary code.
network
low complexity
gl-inet CWE-77
6.5
6.5
2019-03-21 CVE-2019-6274 Path Traversal vulnerability in Gl-Inet Gl-Ar300M-Lite Firmware 2.27
Directory traversal vulnerability in storage_cgi in GL.iNet GL-AR300M-Lite devices with firmware 2.27 allows remote attackers to have unspecified impact via directory traversal sequences.
network
low complexity
gl-inet CWE-22
6.5
6.5
2019-03-21 CVE-2019-6273 Path Traversal vulnerability in Gl-Inet Gl-Ar300M-Lite Firmware 2.27
download_file in GL.iNet GL-AR300M-Lite devices with firmware 2.27 allows remote attackers to download arbitrary files.
network
low complexity
gl-inet CWE-22
4.0
4.0
2019-03-21 CVE-2019-6272 Command Injection vulnerability in Gl-Inet Gl-Ar300M-Lite Firmware 2.27
Command injection vulnerability in login_cgi in GL.iNet GL-AR300M-Lite devices with firmware 2.27 allows remote attackers to execute arbitrary code.
network
low complexity
gl-inet CWE-77
6.5
6.5