Vulnerabilities

CVE-2026-32290

by Fred · 17/03/2026

The GL-iNet Comet (GL-RM1) KVM before version 1.8.2 does not sufficiently verify the authenticity of uploaded firmware files. An attacker-in-the-middle or a compromised update server could modify the firmware and the corresponding MD5 hash to pass verification.

More information : https://dl.gl-inet.com/release/kvm/release/RM1/1.8.2

Similar

Tags: Cybersecurity Alert