Enhance your router's security by updating to the latest firmware

To all GL.iNet users,

We’ve recently released new firmware versions for specific GL.iNet routers to address some critical security vulnerabilities we’ve found in them. This update includes fixes for CVE-2023-46454, CVE-2023-46455, CVE-2023-46456, CVE-2023-47463, CVE-2023-47464, CVE-2023-50919, CVE-2023-50920, CVE-2023-50921, CVE-2023-50922, CVE-2023-50445, and CVE-2024-27356.

For more detailed information, please read the security advisories on this page.

To ensure the optimal security for your router, you are advised to upgrade your router to the latest firmware if you’re affected. If you want to learn more about the latest firmware version (including the OpenWrt version) available for your router and your router’s support status, visit the Firmware Status Update page.

For any questions, please send us an email at support@glinet.biz at any time.

Best regards,
GL.iNet

1 Like

Your list of CVEs is missing the still supported microuter-N300. Can you please let us know if any of these CVEs effects this model.

Hi eric, thank you for your question! These security vulnerabilities affected particular router models running firmware v4.x. microuter-N300 runs on firmware v3.x, which was not affected.

Interesting. Per the Security Advisories Chart at Security Advisories (Vulnerabilities and CVEs) April 29 2024 - GL.iNet

It shows:

  • GL-XE300 Puli V3.217 and earlier Needs upgraded to: V4.3.16
  • GL-X750 Spitz V3.217 and earlier Needs upgraded to: V4.3.11
  • GL-SFT1200 Opal V3.217 and earlier Needs upgraded to: V4.3.11

So why do these 3 routers running V3.x code need upgraded to 4.x to fix security issues and the microuter-N300 does not need a 4.x upgrade for SECURITY ISSUES. Are there no open CVEs in the currently available firmware for the microuter-N300

Sorry the most severe ones, including the following
CVE-2023-50919 Critical
CVE-2023-50920
CVE-2023-50921
CVE-2024-27356

only affect firmware 4.x.

We will update the advisories.

1 Like

I think this might have erased all my static IP assignments. And now my Echo cant control or rediscover my wifi switches. Not to sound accusatory, the updates are necessary for sure, and I can deal with redoing the static IPs no big deal but I’m trying to figure out why the Echo can’t find my switches. One theory I have might be Upnp related according to this article
Any help would be appreciated

Doesn’t exist :sob:

https://dl.gl-inet.com/router/sft1200/