Olivier

**Name of the Vulnerable Software and Affected Versions** GL.iNet router firmware versions 4.x **Description** A vulnerability was found in the Download Interface component of the GL.iNet router firmware, affecting some unknown processing. The manipulation leads to improper authorization. **Recommendations** For version 4.x, it is recommended to upgrade the affected component.

**Name of the Vulnerable Software and Affected Versions** No specific software or versions are mentioned. **Description** A user can assign themselves to arbitrary groups by reusing a POST request issued by an administrator, potentially allowing an attacker to escalate their privileges. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.