medium
6.9
CWE
1333 400
Advisory Published
Updated

CVE-2025-2811: GL.iNet GL-A1300 Slate Plus API redos

First published: Sat Apr 26 2025(Updated: )

A vulnerability was found in GL.iNet GL-A1300 Slate Plus, GL-AR300M16 Shadow, GL-AR300M Shadow, GL-AR750 Creta, GL-AR750S-EXT Slate, GL-AX1800 Flint, GL-AXT1800 Slate AX, GL-B1300 Convexa-B, GL-B3000 Marble, GL-BE3600 Slate 7, GL-E750, GL-E750V2 Mudi, GL-MT300N-V2 Mango, GL-MT1300 Beryl, GL-MT2500 Brume 2, GL-MT3000 Beryl AX, GL-MT6000 Flint 2, GL-SFT1200 Opal, GL-X300B Collie, GL-X750 Spitz, GL-X3000 Spitz AX, GL-XE300 Puli and GL-XE3000 Puli AX 4.x. It has been declared as problematic. This vulnerability affects unknown code of the component API. The manipulation leads to inefficient regular expression complexity. It is recommended to upgrade the affected component.

Credit: cna@vuldb.com

Affected SoftwareAffected VersionHow to fix
GL.iNet GL-A1300 Slate Plus>=4.0
GL.iNet GL-AR300M Shadow>=4.0
GL.iNet GL-AR300M Shadow>=4.0
GL.iNet GL-AR750 Creta>=4.0
GL.iNet GL-AR750S-EXT Slate>=4.0
GL.iNet GL-AX1800 Flint>=4.0
GL.iNet GL-AXT1800 Slate AX>=4.0
GL.iNet GL-B1300 Convexa-B>=4.0
GL.iNet GL-B3000 Marble>=4.0
GL.iNet GL-BE3600 Slate 7>=4.0
GL.iNet GL-E750V2 Mudi>=4.0
GL.iNet GL-E750V2 Mudi>=4.0
GL.iNet GL-MT300N-V2 Mango>=4.0
GL.iNet GL-MT1300 Beryl>=4.0
GL.iNet GL-MT2500 Brume 2>=4.0
GL.iNet GL-MT3000 Beryl AX>=4.0
GL.iNet GL-MT6000 Flint 2>=4.0
GL.iNet GL-SFT1200 Opal>=4.0
GL.iNet GL-X300B Collie>=4.0
GL.iNet GL-X750 Spitz>=4.0
GL.iNet GL-X3000 Spitz AX>=4.0
GL.iNet GL-XE300 Puli>=4.0
GL.iNet GL-XE3000 Puli AX>=4.0

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is the severity of CVE-2025-2811?

    CVE-2025-2811 has been classified as a medium severity vulnerability due to its potential impact on affected devices.

  • How do I fix CVE-2025-2811?

    To fix CVE-2025-2811, update the firmware of your GL.iNet device to the latest version available.

  • Which devices are affected by CVE-2025-2811?

    CVE-2025-2811 affects multiple GL.iNet products, including the GL-A1300 Slate Plus, GL-AR300M Shadow, and GL-AX1800 Flint, among others.

  • What type of vulnerability is CVE-2025-2811?

    CVE-2025-2811 is a security vulnerability potentially exposing affected devices to unauthorized access.

  • Is there a patch available for CVE-2025-2811?

    Yes, a patch for CVE-2025-2811 is included in the latest firmware updates from GL.iNet.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203