Gargoyle Router

gargoyle-router

2 CVEs • 1 product

Products (1)

Click to collapse

Toggle

Gargoyle

gargoyle

2 CVEs

CVEs (2)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2015-10145 1Gargoyle Router 1Gargoyle Jan 29, 2026 Dec 31, 2025 8.7 HIGH· v4 8.8 HIGH· v3 N/A· v2 Gargoyle router management utility versions 1.5.x contain an authenticated OS command execution vulnerability in /utility/run_commands.sh. The application fails to properly restrict or validate input supplied via the 'co...Show more Gargoyle router management utility versions 1.5.x contain an authenticated OS command execution vulnerability in /utility/run_commands.sh. The application fails to properly restrict or validate input supplied via the 'commands' parameter, allowing an authenticated attacker to execute arbitrary shell commands on the underlying system. Successful exploitation may result in full compromise of the device, including unauthorized access to system files and execution of attacker-controlled commands.Show less
CVE-2021-23270 1Gargoyle Router 1Gargoyle Nov 21, 2024 Apr 12, 2021 N/A· v4 7.5 HIGH· v3 4.3 MEDIUM· v2 In Gargoyle OS 1.12.0, when IPv6 is used, a routing loop can occur that generates excessive network traffic between an affected device and its upstream ISP's router. This occurs when a link prefix route points to a point...Show more In Gargoyle OS 1.12.0, when IPv6 is used, a routing loop can occur that generates excessive network traffic between an affected device and its upstream ISP's router. This occurs when a link prefix route points to a point-to-point link, a destination IPv6 address belongs to the prefix and is not a local IPv6 address, and a router advertisement is received with at least one global unique IPv6 prefix for which the on-link flag is set.Show less

CVE

VENDORS

PRODUCTS

UPDATED

PUBLISHED

CVSS

CVE-2015-10145

1Gargoyle Router

1Gargoyle

Jan 29, 2026

Dec 31, 2025

8.7 HIGH· v4

8.8 HIGH· v3

N/A· v2

Gargoyle router management utility versions 1.5.x contain an authenticated OS command execution vulnerability in /utility/run_commands.sh. The application fails to properly restrict or validate input supplied via the 'commands' parameter, allowing an authenticated attacker to execute arbitrary shell commands on the underlying system. Successful exploitation may result in full compromise of the device, including unauthorized access to system files and execution of attacker-controlled commands.Show less

CVE-2021-23270

1Gargoyle Router

1Gargoyle

Nov 21, 2024

Apr 12, 2021

N/A· v4

7.5 HIGH· v3

4.3 MEDIUM· v2

In Gargoyle OS 1.12.0, when IPv6 is used, a routing loop can occur that generates excessive network traffic between an affected device and its upstream ISP's router. This occurs when a link prefix route points to a point-to-point link, a destination IPv6 address belongs to the prefix and is not a local IPv6 address, and a router advertisement is received with at least one global unique IPv6 prefix for which the on-link flag is set.Show less