Cyber Resilience

CVE-2024-28077

High

Published: 26 August 2024

Modified: 14 March 2025
CVSS Score (v3.1): 7.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
EPSS Score: 0.0013 (31.5th percentile)
Risk Priority: 15 (weighted 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2024-28077 is a high-severity vulnerability of unspecified weakness type (no CWE assigned) in GL-iNet MT6000 firmware. Its CVSS v3.1 base score is 7.5 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Service Stop (T1489). By EPSS exploit likelihood the CVE ranks at the 31.5th percentile (below the median), and it is not currently listed in the CISA KEV catalog.


Vulnerability details

A denial-of-service issue was discovered on certain GL-iNet devices. Some websites can detect devices exposed to the external network through DDNS, and consequently obtain the IP addresses and ports of devices that are exposed. By using special usernames and special characters (such as half parentheses or square brackets), one can call the login interface and cause the session-management program to crash, resulting in customers being unable to log into their devices. This affects MT6000 4.5.6, XE3000 4.4.5, X3000 4.4.6, MT3000 4.5.0, MT2500 4.5.0, AXT1800 4.5.0, AX1800 4.5.0, A1300 4.5.0, S200 4.1.4-0300, X750 4.3.7, SFT1200 4.3.7, MT1300 4.3.10, AR750 4.3.10, AR750S 4.3.10, AR300M 4.3.10, AR300M16 4.3.10, B1300 4.3.10, MT300N-V2 4.3.10, and XE300 4.3.16.


Related Threats

MITRE ATT&CK Enterprise Techniques (AI-mapped)

T1489 Service Stop (Impact): Adversaries may stop or disable services on a system to render those services unavailable to legitimate users.
T1499.004 Application or System Exploitation (Impact): Adversaries may exploit software vulnerabilities that can cause an application or system to crash and deny availability to users.
Why these techniques?

The vulnerability enables denial of service by crashing the session-management program via specially crafted usernames and characters in the login interface, stopping the login service (T1489) and exploiting the application for endpoint DoS (T1499.004).

Affected Assets

Vendor: gl-inet

Product (firmware)    Version
mt6000 firmware       4.5.6
x3000 firmware        4.4.6
xe3000 firmware       4.4.4
a1300 firmware        4.5.0
ax1800 firmware       4.5.0
axt1800 firmware      4.5.0
mt2500 firmware       4.5.0
mt3000 firmware       4.5.0
xe300 firmware        4.3.16
x750 firmware         4.3.7

+8 more product configuration(s); see NVD for the full list.

Mitigating Controls

No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.
