| Titel | GL.iNet KVM 1.8.1 Access Authentication Bypass |
|---|
| Beschreibung | This vulnerability fails to clear the user binding relationship after a user binds to the device and then resets it, resulting in the bound user still being able to remotely operate the device after the reset.GL.iNet's official website has fixed this issue in the version 1.8.2 firmware.Thanks to Dustin Eastman, Security Engineer, for identifying this issue. |
|---|
| Quelle | ⚠️ https://github.com/gl-inet/CVE-issues/blob/main/KVM/1.8.1/Remote%20Access%20Authentication%20Bypass%20After%20Factory%20Reset.md |
|---|
| Benutzer | GLiNet (UID 96704) |
|---|
| Einreichung | 24.03.2026 03:22 (vor 17 Tagen) |
|---|
| Moderieren | 09.04.2026 11:50 (16 days later) |
|---|
| Status | Akzeptiert |
|---|
| VulDB Eintrag | 356512 [GL.iNet GL-RM1/GL-RM10/GL-RM10RC/GL-RM1PE 1.8.1 Factory Reset schwache Authentisierung] |
|---|
| Punkte | 18 |
|---|