Check Point Advisories

GL.iNET Devices Authentication Bypass (CVE-2024-27356)

Vulnerability
Protection

Check Point Reference:	CPAI-2024-0220
Date Published:	5 May 2024
Severity:	High
Last Updated:	Sunday 05 May, 2024
Source:
Industry Reference:	CVE-2024-27356
Protection Provided by:	Security Gateway R81, R80, R77, R75
Who is Vulnerable?	GL.iNET MT6000 4.5.5 GL.iNET XE3000 4.4.4 GL.iNET X3000 4.4.5 GL.iNET MT3000 4.5.0 GL.iNET MT2500 4.5.0 GL.iNET AXT1800 4.5.0 GL.iNET AX1800 4.5.0 GL.iNET A1300 4.5.0 GL.iNET S200 4.1.4-0300 GL.iNET X750 4.3.7 GL.iNET SFT1200 4.3.7 GL.iNET XE300 4.3.7 GL.iNET MT1300 4.3.10 GL.iNET AR750 4.3.10 GL.iNET AR750S 4.3.10 GL.iNET AR300M 4.3.10 GL.iNET AR300M16 4.3.10 GL.iNET B1300 4.3.10 GL.iNET MT300N-v2 4.3.10 GL.iNET X300B 3.217 GL.iNET S1300 3.216 GL.iNET SF1200 3.216 GL.iNET MV1000 3.21 GL.iNET N300 3.216 GL.iNET B2200 3.216 GL.iNET X1200 3.203.
Vulnerability Description	An authentication bypass vulnerability exists in GL.iNET devices. Successful exploitation of this vulnerability would allow remote attackers to gain unauthorized access into the affected system.

Protection Overview

This protection detects attempts to exploit this vulnerability.

In order for the protection to be activated, update your Security Gateway product to the latest IPS update. For information on how to update IPS, go to SBP-2006-05, click on Protection tab and select the version of your choice.

Security Gateway R81 / R80 / R77 / R75

In the IPS tab, click Protections and find the GL.iNET Devices Authentication Bypass (CVE-2024-27356) protection using the Search tool and Edit the protection's settings.
Install policy on all Security Gateways.

This protection's log will contain the following information:

Attack Name: Application Servers Protection Violation.
Attack Information: GL.iNET Devices Authentication Bypass (CVE-2024-27356)