Browse all 5 CVE security advisories affecting GL-iNet. AI-powered Chinese analysis, POCs, and references for each vulnerability.
GL-Inet develops compact routers and network devices for small businesses and home users, focusing on easy deployment and wireless connectivity. Historically, their products have faced multiple remote code execution vulnerabilities, cross-site scripting issues, and privilege escalation flaws, often stemming from inadequate input validation and default configurations. With five CVEs documented, security researchers have identified weaknesses in web interfaces and firmware that could allow unauthorized access. While no major public incidents have been widely reported, the consistent pattern of vulnerabilities suggests potential risks for unpatched deployments, emphasizing the need for regular updates and proper hardening of these networking solutions.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-32293 | GL-iNet Comet (GL-RM1) KVM insufficient certificate validation — Comet KVMCWE-295 | 3.7 | Low | 2026-03-17 |
| CVE-2026-32292 | GL-iNet Comet (GL-RM1) KVM insufficient login rate-limiting — Comet KVMCWE-307 | 7.5 | High | 2026-03-17 |
| CVE-2026-32291 | GL-iNet Comet (GL-RM1) KVM unauthenticated root access via UART serial console — Comet KVMCWE-306 | 6.8 | Medium | 2026-03-17 |
| CVE-2026-32290 | GL-iNet Comet (GL-RM1) KVM insufficient firmware verification — Comet KVMCWE-345 | 4.7 | Medium | 2026-03-17 |
| CVE-2025-44018 | GL-Inet GL-AXT1800 安全漏洞 — GL-AXT1800CWE-295 | 8.3 | High | 2025-11-24 |
This page lists every published CVE security advisory associated with GL-iNet. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.