logo
Vulnerability feed
CONTRIBUTE

Vulnerability

warn

CVE-2024-39229

Reference to the description:

https://nvd.nist.gov/vuln/detail/CVE-2024-39229

Description:
An issue in GL-iNet products AR750/AR750S/AR300M/AR300M16/MT300N-V2/B1300/MT1300/SFT1200/X750 v4.3.11, MT3000/MT2500/AXT1800/AX1800/A1300/X300B v4.5.16, XE300 v4.3.16, E750 v4.3.12, AP1300/S1300 v4.3.13, XE3000/X3000 v4, and B2200/MV1000/MV1000W/USB150/N300/SF1200 v3.216 allows attackers to intercept communications via a man-in-the-middle attack when DDNS clients are reporting data to the server.
Last updated date:
08/15/2024
Type:
exploit
Confidence:
HIGH
Date of publishing:
08/12/2024
Reference url to background

https://github.com/gl-inet/CVE-issues/blob/main/4.0.0/DDNS%20data%20is%20not%20encrypted.md

Vulnerability FeedContributorsAboutBlog

@inTheWild

©2024

Privacy Policy