Cyber Resilience

CVE-2025-67090

Severity: Medium · Public PoC: yes

Published: 08 January 2026
Modified: 16 January 2026
KEV Added: not listed
Patch: fix available in firmware version 4.8.2 (see Vulnerability details)
CVSS v3.1 score: 5.1 (Medium) · CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
EPSS score: 0.0014 (33.3rd percentile)
Risk Priority: 10 (weighted 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2025-67090 is a medium-severity Improper Restriction of Excessive Authentication Attempts (CWE-307) vulnerability in GL.iNet AX1800 firmware. Its CVSS v3.1 base score is 5.1 (Medium).

Operationally, its EPSS score places it at the 33.3rd percentile of exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced. Note that the CVSS vector scores Attack Vector as Local (AV:L), whereas the description places the attacker on the local network, which CVSS v3.1 defines as Adjacent (AV:A); the two do not agree, so do not read the 5.1 as requiring prior access to the device itself.

Vulnerability details

The LuCI web interface on GL.iNet AX1800 firmware versions 4.6.4 and 4.6.8 lacks rate limiting and account lockout on the authentication endpoint (`/cgi-bin/luci`). An unauthenticated attacker on the local network can therefore perform unlimited password attempts against the admin interface. A fix is available in firmware version 4.8.2.

CWE(s)

CWE-307: Improper Restriction of Excessive Authentication Attempts
Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

GL.iNet AX1800 firmware: versions 4.2.0, 4.6.4, 4.6.8 (the vulnerability details name only 4.6.4 and 4.6.8; 4.2.0 appears only in the affected-configuration data)

Mitigating Controls

Likely Mitigating Controls

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.

Addresses CWE-307: a control that directly enforces a limit on consecutive invalid logon attempts and an automatic response (for example, lockout), preventing brute-force exploitation of authentication mechanisms.

Addresses CWE-307: a control under which specific conditions, such as excessive failed attempts, trigger stronger authentication, restricting brute-force exploitation.
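As an added example, not GL.iNet or OpenWrt code and not the referenced proof-of-concept, the following Python contrasts the CWE-307 pattern described under Vulnerability details (a login handler that goes straight to the credential check) with the lockout control described in the mitigating-controls entries above. The thresholds, the credential store, the client address 192.0.2.10 and the wordlist are all constructed for the example and are not the vendor's values.

```python
"""Per-source lockout for a login handler, beside the unprotected pattern
(CWE-307). Added example, not GL.iNet/OpenWrt code; thresholds, credential
store, client address and wordlist are all constructed."""
import hashlib
import hmac
from dataclasses import dataclass, field

# Policy values are assumptions for the example, not the vendor's settings.
MAX_FAILURES = 5         # failures inside the window before a lockout starts
WINDOW_SECONDS = 600     # failures older than this are forgotten
BASE_LOCK_SECONDS = 30   # first lockout length; doubles on each further lockout
MAX_LOCK_SECONDS = 900   # cap so an attacker cannot lock the admin out for hours

_SALT = b"constructed-salt-for-this-example"  # constructed credential store below


def _pbkdf2(password: str) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), _SALT, 20_000)


_USERS = {"root": _pbkdf2("correct-horse-battery-staple")}
_DUMMY_HASH = _pbkdf2("")  # compared for unknown users, so the work done is uniform


def check_credentials(user: str, password: str) -> bool:
    """Constant-time credential check that does the same work for unknown users."""
    expected = _USERS.get(user, _DUMMY_HASH)
    matched = hmac.compare_digest(expected, _pbkdf2(password))
    return matched and user in _USERS


def vulnerable_login(user: str, password: str) -> bool:
    """The CWE-307 pattern: nothing sits between the client and the credential
    check, so passwords can be tried as fast as the device answers."""
    return check_credentials(user, password)


@dataclass
class AttemptLimiter:
    """Failure counting per key (here the client IP) with a sliding window
    and an exponentially growing, capped lockout."""
    failures: dict = field(default_factory=dict)      # key -> failure timestamps
    locked_until: dict = field(default_factory=dict)  # key -> unlock time
    lockouts: dict = field(default_factory=dict)      # key -> lockouts so far

    def retry_after(self, key: str, now: float) -> float:
        """Seconds until `key` may try again; 0.0 when it is not locked."""
        return max(0.0, self.locked_until.get(key, 0.0) - now)

    def record_failure(self, key: str, now: float) -> None:
        recent = [t for t in self.failures.get(key, []) if now - t <= WINDOW_SECONDS]
        recent.append(now)
        self.failures[key] = recent
        if len(recent) >= MAX_FAILURES:
            n = self.lockouts.get(key, 0)
            self.locked_until[key] = now + min(BASE_LOCK_SECONDS * 2 ** n, MAX_LOCK_SECONDS)
            self.lockouts[key] = n + 1
            self.failures[key] = []  # the window restarts after a lockout

    def record_success(self, key: str) -> None:
        for table in (self.failures, self.locked_until, self.lockouts):
            table.pop(key, None)


def hardened_login(limiter: AttemptLimiter, src_ip: str, user: str,
                   password: str, now: float) -> tuple:
    """Returns (status, retry_after) with status "ok", "denied" or "locked".
    A locked client never reaches the credential check."""
    wait = limiter.retry_after(src_ip, now)
    if wait > 0:
        return "locked", wait
    if check_credentials(user, password):
        limiter.record_success(src_ip)
        return "ok", 0.0
    limiter.record_failure(src_ip, now)
    return "denied", limiter.retry_after(src_ip, now)


# Constructed wordlist: 60 guesses, the real password in position 50.
WORDLIST = ([f"password{i}" for i in range(49)]
            + ["correct-horse-battery-staple"]
            + [f"admin{i}" for i in range(10)])


def run_wordlist(guesses, hardened: bool, rate: float = 10.0) -> tuple:
    """Replay `guesses` from one client at `rate` guesses per second.
    Returns (credential_checks, cracked): how many guesses reached the
    password check, and whether the right one was among them."""
    limiter = AttemptLimiter()
    checks = 0
    for i, guess in enumerate(guesses):
        now = i / rate
        if hardened:
            status, _ = hardened_login(limiter, "192.0.2.10", "root", guess, now)
            if status == "locked":
                continue  # rejected before any hashing happens
            checks += 1
            if status == "ok":
                return checks, True
        else:
            checks += 1
            if vulnerable_login("root", guess):
                return checks, True
    return checks, False


if __name__ == "__main__":
    print("unprotected:", run_wordlist(WORDLIST, hardened=False))  # (50, True)
    print("with lockout:", run_wordlist(WORDLIST, hardened=True))  # (5, False)
```

Keying the limiter on the client address alone is the simplest form and is what the example shows; on a LAN an attacker can change addresses, so a production control would also count failures per account, with a higher threshold there so that a single flood cannot lock the administrator out indefinitely (the capped, exponential lockout above is the other half of that trade-off).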
