CVE-2024-27356

HIGH

GL-iNet Firmware - Unauthenticated Sensitive Information Exposure via File Download Commands

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2024-27356. PoCs published by Bandar Alharbi.

AI-analyzed exploit summary: This exploit leverages an unauthenticated arbitrary file download vulnerability in GL-iNet MT6000 devices to retrieve sensitive log files. It checks for vulnerability conditions and downloads the logread.tar archive if available.

Description

An issue was discovered on certain GL-iNet devices. Attackers can download files such as logs via commands, potentially obtaining critical user information. This affects MT6000 4.5.5, XE3000 4.4.4, X3000 4.4.5, MT3000 4.5.0, MT2500 4.5.0, AXT1800 4.5.0, AX1800 4.5.0, A1300 4.5.0, S200 4.1.4-0300, X750 4.3.7, SFT1200 4.3.7, XE300 4.3.7, MT1300 4.3.10, AR750 4.3.10, AR750S 4.3.10, AR300M 4.3.10, AR300M16 4.3.10, B1300 4.3.10, MT300N-v2 4.3.10, X300B 3.217, S1300 3.216, SF1200 3.216, MV1000 3.216, N300 3.216, B2200 3.216, and X1200 3.203.

Exploits (1)

exploitdb WORKING POC
by Bandar Alharbi · python · remote · hardware
https://www.exploit-db.com/exploits/51942


Classification: Working PoC 95%
Attack Type: Info Leak
Complexity: Trivial
Reliability: Reliable
Target: GL-iNet MT6000 firmware versions starting with 4.x
No auth needed
Prerequisites: Network access to the target device's web interface
devstral-2 · analyzed Feb 16, 2026

Scores

CVSS v3 7.5
EPSS 0.2391
EPSS Percentile 97.5%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable yes
Technical Impact partial

Details

CWE: CWE-200
Status published
Products (26)
gl-inet/a1300_firmware 4.5.0
gl-inet/ar300m16_firmware 4.3.10
gl-inet/ar300m_firmware 4.3.10
gl-inet/ar750_firmware 4.3.10
gl-inet/ar750s_firmware 4.3.10
gl-inet/ax1800_firmware 4.5.0
gl-inet/axt1800_firmware 4.5.0
gl-inet/b1300_firmware 4.3.10
gl-inet/b2200_firmware 3.216
gl-inet/mt1300_firmware 4.3.10
... and 16 more
Published Feb 27, 2024
Tracked Since Feb 18, 2026