10 matches found
CVE-2026-26793
GL-iNet GL-AR300M16 v4.3.11 was discovered to contain a command injection vulnerability via the setconfig function. This vulnerability allows attackers to execute arbitrary commands via a crafted input...
CVE-2026-26795
GL-iNet GL-AR300M16 v4.3.11 was discovered to contain a command injection vulnerability via the module parameter in the M.getsystemlog function. This vulnerability allows attackers to execute arbitrary commands via a crafted input...
CVE-2026-26791
GL-iNet GL-AR300M16 v4.3.11 was discovered to contain a command injection vulnerability via the string port parameter in the enableechoserver function. This vulnerability allows attackers to execute arbitrary commands via a crafted input...
GL-iNet GL-AR300M16 安全漏洞
GL-iNet GL-AR300M16 is a portable mini router produced by the Chinese company GL-iNet. The version GL-iNet GL-AR300M16 v4.3.11 contains a security vulnerability. This vulnerability stems from the module parameter in the M.getsystemlog function, which allows for command injection, potentially...
CVE-2026-26792
GL-iNet GL-AR300M16 v4.3.11 was discovered to contain multiple command injection vulnerabilities in the setupgrade function via the modemurl, targetversion, currentversion, firmwareupload, hashtype, hashvalue, and upgradetype parameters. These vulnerabilities allow attackers to execute arbitrary...
CVE-2026-26791
GL-iNet GL-AR300M16 v4.3.11 was discovered to contain a command injection vulnerability via the string port parameter in the enableechoserver function. This vulnerability allows attackers to execute arbitrary commands via a crafted input...
PT-2026-25027
🔴 CVE-2026-26795 - Critical GL-iNet GL-AR300M16 v4.3.11 was discovered to contain a command injection vulnerability via the module parameter in the M.get system log function. This vulnerability allows attackers to e... https://t.co/NCxeIgOxEq https://t.co/P5rgFdajLA...
CVE-2026-26793
GL-iNet GL-AR300M16 v4.3.11 was discovered to contain a command injection vulnerability via the setconfig function. This vulnerability allows attackers to execute arbitrary commands via a crafted input...
CVE-2026-26793
GL-iNet GL-AR300M16 v4.3.11 was discovered to contain a command injection vulnerability via the setconfig function. This vulnerability allows attackers to execute arbitrary commands via a crafted input...
CVE-2026-26794
GL-iNet GL-AR300M16 v4.3.11 was discovered to contain a SQL injection vulnerability via the addgroup function. This vulnerability allows attackers to execute arbitrary SQL database operations via a crafted HTTP request...