Security Advisory

CVE-2026-32291

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-03-17 17:18:34

Last updated 2026-03-23 19:34:20

Assigner cisa-cg

State PUBLISHED

Description

The GL-iNet Comet (GL-RM1) KVM before 1.8.2 does not require authentication on the UART serial console. This attack requires physically opening the device and connecting to the UART pins.

← Browse all CVEs View on cve.org ↗