QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2025-2850

Back to search

CVE-2025-2850

Published: Apr 26, 2025

Modified: Apr 28, 2025

PUBLISHED

CVSS v3.1

3.5

LOW

Description

A vulnerability was found in GL.iNet GL-A1300 Slate Plus, GL-AR300M16 Shadow, GL-AR300M Shadow, GL-AR750 Creta, GL-AR750S-EXT Slate, GL-AX1800 Flint, GL-AXT1800 Slate AX, GL-B1300 Convexa-B, GL-B3000 Marble, GL-BE3600 Slate 7, GL-E750, GL-E750V2 Mudi, GL-MT300N-V2 Mango, GL-MT1300 Beryl, GL-MT2500 Brume 2, GL-MT3000 Beryl AX, GL-MT6000 Flint 2, GL-SFT1200 Opal, GL-X300B Collie, GL-X750 Spitz, GL-X3000 Spitz AX, GL-XE300 Puli and GL-XE3000 Puli AX 4.x. It has been rated as problematic. This issue affects some unknown processing of the component Download Interface. The manipulation leads to improper authorization. It is recommended to upgrade the affected component.

VendorProductVersions

GL.iNet

GL-A1300 Slate Plus

affected
4.x

GL.iNet

GL-AR300M16 Shadow

affected
4.x

GL.iNet

GL-AR300M Shadow

affected
4.x

GL.iNet

GL-AR750 Creta

affected
4.x

GL.iNet

GL-AR750S-EXT Slate

affected
4.x

GL.iNet

GL-AX1800 Flint

affected
4.x

GL.iNet

GL-AXT1800 Slate AX

affected
4.x

GL.iNet

GL-B1300 Convexa-B

affected
4.x

GL.iNet

GL-B3000 Marble

affected
4.x

GL.iNet

GL-BE3600 Slate 7

affected
4.x

GL.iNet

GL-E750

affected
4.x

GL.iNet

GL-E750V2 Mudi

affected
4.x

GL.iNet

GL-MT300N-V2 Mango

affected
4.x

GL.iNet

GL-MT1300 Beryl

affected
4.x

GL.iNet

GL-MT2500 Brume 2

affected
4.x

GL.iNet

GL-MT3000 Beryl AX

affected
4.x

GL.iNet

GL-MT6000 Flint 2

affected
4.x

GL.iNet

GL-SFT1200 Opal

affected
4.x

GL.iNet

GL-X300B Collie

affected
4.x

GL.iNet

GL-X750 Spitz

affected
4.x

GL.iNet

GL-X3000 Spitz AX

affected
4.x

GL.iNet

GL-XE300 Puli

affected
4.x

GL.iNet

GL-XE3000 Puli AX

affected
4.x

Weaknesses (CWE)

CWE-285
CWE-266

CVSS v3.1 Details

CVSS v3.1 Vector

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Attack Vector

Adjacent

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

Low

Integrity

None

Availability

None

References

VDB-306287 | CTI Indicators (IOB, IOC, TTP)
signature
permissions-required

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now