Pan.Li

**Name of the Vulnerable Software and Affected Versions** GL.iNet GL-A1300 Slate Plus version 4.x GL.iNet GL-AR300M16 Shadow version 4.x GL.iNet GL-AR300M Shadow version 4.x GL.iNet GL-AR750 Creta version 4.x GL.iNet GL-AR750S-EXT Slate version 4.x GL.iNet GL-AX1800 Flint version 4.x GL.iNet GL-AXT1800 Slate AX version 4.x GL.iNet GL-B1300 Convexa-B version 4.x GL.iNet GL-B3000 Marble version 4.x GL.iNet GL-BE3600 Slate 7 version 4.x GL.iNet GL-E750 version 4.x GL.iNet GL-E750V2 Mudi version 4.x GL.iNet GL-MT300N-V2 Mango version 4.x GL.iNet GL-MT1300 Beryl version 4.x GL.iNet GL-MT2500 Brume 2 version 4.x GL.iNet GL-MT3000 Beryl AX version 4.x GL.iNet GL-MT6000 Flint 2 version 4.x GL.iNet GL-SFT1200 Opal version 4.x GL.iNet GL-X300B Collie version 4.x GL.iNet GL-X750 Spitz version 4.x GL.iNet GL-X3000 Spitz AX version 4.x GL.iNet GL-XE300 Puli version 4.x GL.iNet GL-XE3000 Puli AX version 4.x **Description** A vulnerability was found in the component API of the affected GL.iNet devices. The manipulation leads to inefficient regular expression complexity. It is recommended to upgrade the affected component. **Recommendations** Upgrade the affected component to a newer version for each of the affected devices: GL.iNet GL-A1300 Slate Plus GL.iNet GL-AR300M16 Shadow GL.iNet GL-AR300M Shadow GL.iNet GL-AR750 Creta GL.iNet GL-AR750S-EXT Slate GL.iNet GL-AX1800 Flint GL.iNet GL-AXT1800 Slate AX GL.iNet GL-B1300 Convexa-B GL.iNet GL-B3000 Marble GL.iNet GL-BE3600 Slate 7 GL.iNet GL-E750 GL.iNet GL-E750V2 Mudi GL.iNet GL-MT300N-V2 Mango GL.iNet GL-MT1300 Beryl GL.iNet GL-MT2500 Brume 2 GL.iNet GL-MT3000 Beryl AX GL.iNet GL-MT6000 Flint 2 GL.iNet GL-SFT1200 Opal GL.iNet GL-X300B Collie GL.iNet GL-X750 Spitz GL.iNet GL-X3000 Spitz AX GL.iNet GL-XE300 Puli GL.iNet GL-XE3000 Puli AX