37 matches found

GithubExploit
added 2026/06/13 9:11 a.m. | 65 views

Exploit for CVE-2026-11450

GL.iNet Beryl AX Triple RCE PoC: PoC for three unauthenticated...

CVSS 7.5 | AI score 7.3 | EPSS 0.02027
Exploits: 1
RedhatCVE
added 2026/06/09 8:59 p.m. | 8 views

CVE-2026-41448

AdGuard Home, when started with the --glinet flag, contains an authentication bypass vulnerability that allows unauthenticated attackers to gain full admin access by supplying a path traversal sequence in the Admin-Token cookie, exploiting unsanitized string concatenation in the token file path...

CVSS 9.4 | AI score 5.6 | EPSS 0.00542
Exploits: 0 | References: 1
RedhatCVE
added 2026/06/09 2:58 p.m. | 11 views

CVE-2026-11505

A flaw has been found in GL.iNet A1300, AX1800, AXT1800, MT2500, MT3000, MT6000, X3000 and XE3000 4.8.x. This affects an unknown function of the component glnassys. Executing a manipulation can lead to use of hard-coded cryptographic key. The attack may be launched remotely. The attack requires ...

CVSS 5 | AI score 5 | EPSS 0.00197
Exploits: 0 | References: 1
Snyk
added 2026/06/08 6:27 p.m. | 4 views

Directory Traversal

Overview: Affected versions of this package are vulnerable to Directory Traversal via unsanitized string concatenation in the authglinet middleware when the application is started in GLiNET mode. An attacker can gain full administrative access by supplying a crafted path traversal sequence in the...

CVSS 9.4 | AI score 6.2 | EPSS 0.00542
Exploits: 0 | References: 2
NVD
added 2026/06/08 5:16 p.m. | 10 views

CVE-2026-41448

AdGuard Home, when started with the --glinet flag, contains an authentication bypass vulnerability that allows unauthenticated attackers to gain full admin access by supplying a path traversal sequence in the Admin-Token cookie, exploiting unsanitized string concatenation in the token file path...

CVSS 9.4 | EPSS 0.00542
Exploits: 0 | References: 2
CVE
added 2026/06/08 4:12 p.m. | 28 views

CVE-2026-41448

CVE-2026-41448 affects AdGuard Home when started with --glinet. The vulnerability stems from unsanitized path construction in the authglinet middleware, enabling an authentication bypass via a crafted path traversal sequence in the Admin-Token cookie/header, yielding unauthenticated full admin ac...

CVSS 9.4 | AI score 5.6 | EPSS 0.00542
Exploits: 0 | References: 2
Cvelist
added 2026/06/08 4:12 p.m. | 36 views

CVE-2026-41448 AdGuard Home Authentication Bypass via Path Traversal in Admin-Token Cookie

AdGuard Home, when started with the --glinet flag, contains an authentication bypass vulnerability that allows unauthenticated attackers to gain full admin access by supplying a path traversal sequence in the Admin-Token cookie, exploiting unsanitized string concatenation in the token file path...

CVSS 9.4 | EPSS 0.00542
Exploits: 0 | References: 2
Vulnrichment
added 2026/06/08 4:12 p.m. | 16 views

CVE-2026-41448 AdGuard Home Authentication Bypass via Path Traversal in Admin-Token Cookie

AdGuard Home, when started with the --glinet flag, contains an authentication bypass vulnerability that allows unauthenticated attackers to gain full admin access by supplying a path traversal sequence in the Admin-Token cookie, exploiting unsanitized string concatenation in the token file path...

CVSS 9.4 | AI score 5.6 | EPSS 0.00542
Exploits: 0 | References: 2
ATTACKERKB
added 2026/06/08 4:12 p.m. | 9 views

CVE-2026-41448

AdGuard Home, when started with the --glinet flag, contains an authentication bypass vulnerability that allows unauthenticated attackers to gain full admin access by supplying a path traversal sequence in the Admin-Token cookie, exploiting unsanitized string concatenation in the token file path...

CVSS 9.4 | AI score 5.6 | EPSS 0.00542
Exploits: 0 | References: 3
EUVD
added 2026/06/08 4:12 p.m. | 9 views

EUVD-2026-35126

AdGuard Home, when started with the --glinet flag, contains an authentication bypass vulnerability that allows unauthenticated attackers to gain full admin access by supplying a path traversal sequence in the Admin-Token cookie, exploiting unsanitized string concatenation in the token file path...

CVSS 9.4 | AI score 5.6 | EPSS 0.00542
Exploits: 0 | References: 2
RedhatCVE
added 2026/06/08 8:58 a.m. | 12 views

CVE-2026-11451

A flaw has been found in GL.iNet GL-MT3000 4.4.5. This impacts the function snprintf of the file /cgi-bin/glc of the component FTP Protocol Handler. Executing a manipulation of the argument mediadir can lead to command injection. It is possible to launch the attack remotely. Upgrading to version...

CVSS 7.5 | AI score 7.2 | EPSS 0.02027
Exploits: 1 | References: 1
RedhatCVE
added 2026/06/08 2:58 a.m. | 9 views

CVE-2026-11450

A vulnerability was detected in GL.iNet GL-MT3000 4.4.5. This affects the function dlopen in the library /usr/lib/oui-httpd/rpc/ of the component Path Normalization Handler. Performing a manipulation of the argument devname results in command injection. It is possible to initiate the attack...

CVSS 7.5 | AI score 7.1 | EPSS 0.01572
Exploits: 1 | References: 1
Positive Technologies
added 2026/06/08 12:00 a.m. | 12 views

PT-2026-47346

Name of the Vulnerable Software and Affected Versions: AdGuard Home versions prior to 0.107.77. Description: When started with the --glinet flag, the software contains an authentication bypass that allows unauthenticated attackers to gain full administrative access. This occurs due to unsanitized...

CVSS 9.4 | AI score 5.7 | EPSS 0.00542
Exploits: 0 | References: 4
NVD
added 2026/06/07 3:16 a.m. | 11 views

CVE-2026-11450

A vulnerability was detected in GL.iNet GL-MT3000 4.4.5. This affects the function dlopen in the library /usr/lib/oui-httpd/rpc/ of the component Path Normalization Handler. Performing a manipulation of the argument devname results in command injection. It is possible to initiate the attack...

CVSS 7.5 | EPSS 0.01572
Exploits: 1 | References: 5
Vulnrichment
added 2026/06/07 2:30 a.m. | 7 views

CVE-2026-11450 GL.iNet GL-MT3000 Path Normalization dlopen command injection

A vulnerability was detected in GL.iNet GL-MT3000 4.4.5. This affects the function dlopen in the library /usr/lib/oui-httpd/rpc/ of the component Path Normalization Handler. Performing a manipulation of the argument devname results in command injection. It is possible to initiate the attack...

CVSS 7.5 | AI score 7.1 | EPSS 0.01572
Exploits: 1 | References: 5
Vulnrichment
added 2026/06/07 2:00 a.m. | 7 views

CVE-2026-11448 GL.iNet GL-MT3000 Minidlna Service rpc realpath command injection

A weakness has been identified in GL.iNet GL-MT3000 up to 4.4.5. The affected element is the function realpath of the file /rpc of the component Minidlna Service. This manipulation of the argument kube.set causes command injection. The attack is possible to be carried out remotely. Upgrading to...

CVSS 5.8 | AI score 5.1 | EPSS 0.01582
Exploits: 0 | References: 5
CVE
added 2026/06/07 2:00 a.m. | 35 views

CVE-2026-11448

CVE-2026-11448 affects GL.iNet GL-MT3000 up to version 4.4.5. The vulnerability resides in the Minidlna Service, where the /rpc realpath function can be manipulated via the kube.set argument to cause a remote command injection. The issue can be triggered over the network without user interaction,...

CVSS 5.8 | AI score 5.1 | EPSS 0.01582
Exploits: 0 | References: 5
Cvelist
added 2026/06/07 1:15 a.m. | 34 views

CVE-2026-11447 GL.iNet GL-MT3000 MTK Backend iwinfo.so iwinfo_backend command injection

A security flaw has been discovered in GL.iNet GL-MT3000 up to 4.4.5. Impacted is the function iwinfo_backend of the file iwinfo.so of the component MTK Backend. The manipulation of the argument device results in command injection. The attack can be executed remotely. The exploit has been released...

CVSS 6.5 | EPSS 0.01073
Exploits: 0 | References: 5
Positive Technologies
added 2026/06/07 12:00 a.m. | 18 views

PT-2026-47170

A security vulnerability has been detected in GL.iNet GL-MT3000 4.4.5. The impacted element is the function rpc sys of the file /cgi-bin/luci/rpc of the component LuCI JSON-RPC Interface. Such manipulation leads to command injection. The attack may be performed from remote. Upgrading to version...

CVSS 6.5 | AI score 6.2 | EPSS 0.01102
Exploits: 0 | References: 7
CVE
added 2026/05/08 12:00 a.m. | 17 views

CVE-2023-46453

GL.iNet devices running firmware 4.x (notably 4.3.7 on models such as GL-MT3000, GL-AR300M, GL-B1300, GL-AX1800, GL-AR750S, GL-MT2500, GL-AXT1800, GL-X3000, GL-SFT1200) are affected by CVE-2023-46453, an authentication bypass in the web interface. The root cause involves a vulnerable authenticati...

CVSS 9.8 | AI score 5.9 | EPSS 0.00764
Exploits: 3 | References: 1