CVE-2024-45263 is a vulnerability identified in several GL-iNet router models (MT6000, MT3000, MT2500, AXT1800, AX1800) running firmware version 4.6.2. The core issue lies in the device's upload interface, which allows unauthenticated attackers to upload arbitrary files to the device. This unrestricted file upload vulnerability is categorized under CWE-434, indicating that the system fails to properly restrict the types of files that can be uploaded, thereby permitting potentially dangerous files to be placed on the device. Once uploaded, these files can be executed by the device, enabling attackers to leak sensitive information and gain complete control over the router. The vulnerability requires no privileges or user interaction, and can be exploited remotely over the network, as indicated by the CVSS vector (AV:A/AC:L/PR:N/UI:N). The CVSS score of 8.8 (high severity) reflects the significant impact on confidentiality, integrity, and availability, combined with the low complexity of exploitation. No patches or mitigations have been officially released at the time of publication, and no known exploits are reported in the wild. This vulnerability poses a serious risk to organizations and individuals relying on affected GL-iNet devices for network connectivity and security.

The exploitation of CVE-2024-45263 can have severe consequences for organizations worldwide. Attackers gaining arbitrary file upload and execution capabilities on GL-iNet routers can lead to full device compromise, allowing them to intercept, modify, or redirect network traffic. This can result in the leakage of sensitive information such as credentials, internal communications, and configuration data. The integrity of the network can be undermined by installing persistent backdoors or malware, enabling long-term espionage or sabotage. Availability may also be impacted if attackers disrupt device functionality or launch denial-of-service conditions. Given that these routers are often deployed in both enterprise and consumer environments, the scope of impact ranges from individual privacy violations to large-scale breaches affecting corporate networks. The lack of authentication and user interaction requirements increases the risk of automated exploitation campaigns. Organizations using these devices in critical infrastructure, remote offices, or IoT gateways face heightened risks of operational disruption and data loss.

To mitigate CVE-2024-45263, organizations should immediately restrict network access to the upload interface of affected GL-iNet devices, ideally by implementing firewall rules or network segmentation to limit exposure to trusted management networks only. Monitoring network traffic for unusual upload attempts or unexpected file transfers to the device can help detect exploitation attempts early. Administrators should disable any unnecessary upload functionalities if configurable. Since no official patches are currently available, contacting GL-iNet support for guidance and monitoring their advisories for firmware updates is critical. Applying firmware updates promptly once released is essential to remediate the vulnerability. Additionally, implementing strong network access controls, such as VPNs or multi-factor authentication for device management, can reduce the attack surface. Regularly auditing device configurations and logs for anomalies will aid in early detection of compromise. Organizations should also consider replacing affected devices with models that have confirmed secure firmware if mitigation is not feasible in the short term.