Vulnerabilities > GL Inet > GL Ar750S Firmware > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-12 | CVE-2023-50920 | Session Fixation vulnerability in Gl-Inet products An issue was discovered on GL.iNet devices before version 4.5.0. | 5.5 |
| 2023-06-13 | CVE-2023-33620 | Insufficiently Protected Credentials vulnerability in Gl-Inet Gl-Ar750S Firmware 3.215 GL.iNET GL-AR750S-Ext firmware v3.215 uses an insecure protocol in its communications which allows attackers to eavesdrop via a man-in-the-middle attack. | 5.9 |
| 2023-06-13 | CVE-2023-33621 | Authentication Bypass by Capture-replay vulnerability in Gl-Inet Gl-Ar750S Firmware 3.215 GL.iNET GL-AR750S-Ext firmware v3.215 inserts the admin authentication token into a GET request when the OpenVPN Server config file is downloaded. | 5.9 |
| 2023-05-11 | CVE-2023-31473 | Command Injection vulnerability in Gl-Inet products An issue was discovered on GL.iNet devices before 3.216. | 4.9 |