The GL-iNet Comet (GL-RM1) KVM connects to a GL-iNet site during boot-up to provision client and CA certificates. The GL-RM1 does not verify certificates used for this connection, allowing an attacker-in-the-middle to serve invalid client and CA certificates. The GL-RM1 will attempt to use the invalid certificates and fail to connect to the legitimate GL-iNet KVM cloud service.
Attack Parameters
Attack Vector
Network
Can be exploited remotely
Attack Complexity
Low
Easy to exploit
Attack Requirements
Present
Additional conditions required
Privileges Required
None
No privileges needed
User Interaction
None
No user interaction needed
Impact Assessment
Confidentiality
None
No data leak
Integrity
None
No data modification
Availability
Low
Partial disruption
CVSS Vector v4.0
Weakness Type (CWE)
Vulnerable Products
gl-inet:comet kvm
References 3
https://eclypsium.com/blog/your-kvm-is-the-weak-link-how-30-dollar-devices-can-…
9119a7d8-5eab-497f-8521-727c672e3725
https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/IT/white/2025…
9119a7d8-5eab-497f-8521-727c672e3725
https://www.cve.org/CVERecord?id=CVE-2026-32293
9119a7d8-5eab-497f-8521-727c672e3725