Security Advisory

CVE-2024-45262

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-10-24 00:00:00

Last updated 2024-10-28 19:22:25

Assigner mitre

State PUBLISHED

Description

An issue was discovered on certain GL-iNet devices, including MT6000, MT3000, MT2500, AXT1800, and AX1800 4.6.2. The params parameter in the call method of the /rpc endpoint is vulnerable to arbitrary directory traversal, which enables attackers to execute scripts under any path.

← Browse all CVEs View on cve.org ↗