CVE-2023-31474 - Exploiting Opkg Regex Injection in GL.iNet Routers for Directory Listing
In 2023, a vulnerability labeled CVE-2023-31474 was discovered in GL.iNet routers (before firmware version 3.216). This flaw lets attackers abuse the web interface’
CVE-2022-42054 - Multiple Stored XSS in GL.iNet GoodCloud IoT Device Management System – Exploit, Details, and Guidance
Stored Cross-Site Scripting (XSS) is a persistent and serious vulnerability, especially in IoT management platforms. In 2022, CVE-2022-42054 exposed such risks in the popular GL.