Glinet

**Name of the Vulnerable Software and Affected Versions** GL.iNet A1300 versions prior to 4.9.0 GL.iNet AX1800 versions prior to 4.9.0 GL.iNet AXT1800 versions prior to 4.9.0 GL.iNet MT2500 versions prior to 4.9.0 GL.iNet MT3000 versions prior to 4.9.0 GL.iNet MT6000 versions prior to 4.9.0 GL.iNet X3000 versions prior to 4.9.0 GL.iNet XE3000 versions prior to 4.9.0 **Description** A flaw in the `glnassys` component allows a remote attacker to manipulate the system, leading to the use of a hard-coded cryptographic key. This attack is characterized by high complexity and is reported as difficult to exploit. **Recommendations** Update to version 4.9.0 Upgrade the `glnassys` component

Name of the Vulnerable Software and Affected Versions GL.iNet GL-RM1, GL-RM10, GL-RM10RC and GL-RM1PE versions 1.8.1 Description A security flaw exists in the Factory Reset Handler component, leading to improper authentication. The attack can be initiated remotely, but exploitation is difficult. The vendor responded promptly and released a fixed version. Recommendations Upgrade to version 1.8.2.