Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
GL-iNet Comet (GL-RM1) KVM unauthenticated root access via UART serial console
Vulnerability Description
The GL-iNet Comet (GL-RM1) KVM before 1.8.2 does not require authentication on the UART serial console. This attack requires physically opening the device and connecting to the UART pins.
CVSS Information
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
关键功能的认证机制缺失
Vulnerability Title
GL-iNet Comet 安全漏洞
Vulnerability Description
GL-iNet Comet是中国GL-iNet公司的一款便携式多功能网络设备。 GL-iNet Comet存在安全漏洞,该漏洞源于UART串行控制台无需身份验证,可能导致物理访问设备的攻击者连接UART引脚。
CVSS Information
N/A
Vulnerability Type
N/A