{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2024-27356","assignerOrgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","assignerShortName":"mitre","dateUpdated":"2025-03-24T15:44:54.024Z","dateReserved":"2024-02-25T00:00:00.000Z","datePublished":"2024-02-27T00:00:00.000Z"},"containers":{"cna":{"providerMetadata":{"orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre","dateUpdated":"2024-02-27T00:17:16.406Z"},"descriptions":[{"lang":"en","value":"An issue was discovered on certain GL-iNet devices. Attackers can download files such as logs via commands, potentially obtaining critical user information. This affects MT6000 4.5.5, XE3000 4.4.4, X3000 4.4.5, MT3000 4.5.0, MT2500 4.5.0, AXT1800 4.5.0, AX1800 4.5.0, A1300 4.5.0, S200 4.1.4-0300, X750 4.3.7, SFT1200 4.3.7, XE300 4.3.7, MT1300 4.3.10, AR750 4.3.10, AR750S 4.3.10, AR300M 4.3.10, AR300M16 4.3.10, B1300 4.3.10, MT300N-v2 4.3.10, X300B 3.217, S1300 3.216, SF1200 3.216, MV1000 3.216, N300 3.216, B2200 3.216, and X1200 3.203."}],"affected":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}],"references":[{"url":"https://gl-inet.com"},{"url":"https://github.com/gl-inet/CVE-issues/blob/main/4.0.0/Download_file_vulnerability.md"}],"problemTypes":[{"descriptions":[{"type":"text","lang":"en","description":"n/a"}]}]},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-02T00:34:51.986Z"},"title":"CVE Program Container","references":[{"url":"https://gl-inet.com","tags":["x_transferred"]},{"url":"https://github.com/gl-inet/CVE-issues/blob/main/4.0.0/Download_file_vulnerability.md","tags":["x_transferred"]}]},{"problemTypes":[{"descriptions":[{"type":"CWE","cweId":"CWE-200","lang":"en","description":"CWE-200 Exposure of Sensitive Information to an Unauthorized Actor"}]}],"affected":[{"vendor":"gl-inet","product":"mt1300","cpes":["cpe:2.3:a:gl-inet:mt1300:4.3.10:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"4.3.10","status":"affected"}]},{"vendor":"gl-inet","product":"ar750","cpes":["cpe:2.3:a:gl-inet:ar750:4.3.10:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"4.3.10","status":"affected"}]},{"vendor":"gl-inet","product":"ar750s","cpes":["cpe:2.3:a:gl-inet:ar750s:4.3.10:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"4.3.10","status":"affected"}]},{"vendor":"gl.inet","product":"MT6000","cpes":["cpe:2.3:h:gl.inet:MT6000:-:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"4.5.5","status":"affected"}]},{"vendor":"gl-inet","product":"xe3000","cpes":["cpe:2.3:a:gl-inet:xe3000:4.4.4:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"4.4.4","status":"affected"}]},{"vendor":"gl-inet","product":"x3000","cpes":["cpe:2.3:a:gl-inet:x3000:4.4.5:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"4.4.5","status":"affected"}]},{"vendor":"gl-inet","product":"mt3000","cpes":["cpe:2.3:a:gl-inet:mt3000:4.5.0:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"4.5.0","status":"affected"}]},{"vendor":"gl-inet","product":"mt2500","cpes":["cpe:2.3:a:gl-inet:mt2500:4.5.0:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"4.5.0","status":"affected"}]},{"vendor":"gl-inet","product":"axt1800","cpes":["cpe:2.3:a:gl-inet:axt1800:4.5.0:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"4.5.0","status":"affected"}]},{"vendor":"gl-inet","product":"ax1800","cpes":["cpe:2.3:a:gl-inet:ax1800:4.5.0:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"4.5.0","status":"affected"}]},{"vendor":"gl-inet","product":"a1300","cpes":["cpe:2.3:a:gl-inet:a1300:4.5.0:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"4.5.0","status":"affected"}]},{"vendor":"gl-inet","product":"s200","cpes":["cpe:2.3:a:gl-inet:s200:4.1.4:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"4.1.4","status":"affected"}]},{"vendor":"gl-inet","product":"0300","cpes":["cpe:2.3:a:gl-inet:0300:*:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"4.3.7","status":"affected"}]},{"vendor":"gl-inet","product":"x750","cpes":["cpe:2.3:a:gl-inet:x750:4.3.7:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"4.3.7","status":"affected"}]},{"vendor":"gl-inet","product":"sft1200","cpes":["cpe:2.3:a:gl-inet:sft1200:4.3.7:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"4.3.7","status":"affected"}]},{"vendor":"gl-inet","product":"xe300","cpes":["cpe:2.3:a:gl-inet:xe300:4.3.7:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"4.3.7","status":"affected"}]},{"vendor":"gl-inet","product":"ar3000m","cpes":["cpe:2.3:a:gl-inet:ar3000m:4.3.10:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"4.3.10","status":"affected"}]},{"vendor":"gl-inet","product":"ar3000m16","cpes":["cpe:2.3:a:gl-inet:ar3000m16:4.3.10:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"4.3.10","status":"affected"}]},{"vendor":"gl-inet","product":"b1300","cpes":["cpe:2.3:a:gl-inet:b1300:4.3.10:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"4.3.10","status":"affected"}]},{"vendor":"gl-inet","product":"mt300nv2","cpes":["cpe:2.3:a:gl-inet:mt300nv2:4.3.10:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"4.3.10","status":"affected"}]},{"vendor":"gl-inet","product":"x300b","cpes":["cpe:2.3:a:gl-inet:x300b:3.217:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"3.217","status":"affected"}]},{"vendor":"gl-inet","product":"s1300","cpes":["cpe:2.3:a:gl-inet:s1300:3.216:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"3.216","status":"affected"}]},{"vendor":"gl-inet","product":"sf1200","cpes":["cpe:2.3:a:gl-inet:sf1200:3.216:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"3.216","status":"affected"}]},{"vendor":"gl-inet","product":"mv1000","cpes":["cpe:2.3:a:gl-inet:mv1000:3.216:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"3.216","status":"affected"}]},{"vendor":"gl-inet","product":"n300","cpes":["cpe:2.3:a:gl-inet:n300:3.216:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"3.216","status":"affected"}]},{"vendor":"gl-inet","product":"b2200","cpes":["cpe:2.3:a:gl-inet:b2200:3.216:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"3.216","status":"affected"}]},{"vendor":"gl-i","product":"x1200","cpes":["cpe:2.3:a:gl-i:x1200:3.203:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"3.203","status":"affected"}]}],"metrics":[{"cvssV3_1":{"scope":"UNCHANGED","version":"3.1","baseScore":7.5,"attackVector":"NETWORK","baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","integrityImpact":"NONE","userInteraction":"NONE","attackComplexity":"LOW","availabilityImpact":"NONE","privilegesRequired":"NONE","confidentialityImpact":"HIGH"}},{"other":{"type":"ssvc","content":{"timestamp":"2024-02-27T15:51:15.040940Z","id":"CVE-2024-27356","options":[{"Exploitation":"none"},{"Automatable":"yes"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-03-24T15:44:54.024Z"}}]}}