ByteOS Network

CVE Vulnerability Details :

CVE-2026-11452

PUBLISHED

More Info Official Page

Assigner-VulDB

Assigner Org ID-1af790b2-7ee1-4545-860a-a788eba489b5

Published At-07 Jun, 2026 | 03:15

Updated At-08 Jun, 2026 | 16:33

▼CVE Numbering Authority (CNA)

GL.iNet GL-MT3000 SET_USER_PWD glc FUN_0042e200 command injection

A vulnerability has been found in GL.iNet GL-MT3000 up to 4.4.5. Affected is the function FUN_0042e200 of the file /cgi-bin/glc of the component SET_USER_PWD Handler. The manipulation of the argument Password leads to command injection. The attack can be initiated remotely. Upgrading to version 4.8.1 is able to address this issue. The affected component should be upgraded. The vendor explains: " The current code escapes single quotes in the password parameter and handles it inside a shell single‑quote context. The payloads in the report, which rely on $() or backticks to trigger command substitution, are not executed under the current code path. We tested on a GL‑MT3000 device running firmware 4.8.1 using similar payloads, and no command‑execution marker file was created."

Affected Products

Vendor

GL.iNet

Product

GL-MT3000

CPEs

cpe:2.3:o:gl-inet:gl-mt3000_firmware:*:*:*:*:*:*:*:*

Modules

SET_USER_PWD Handler

Versions

Affected

4.4.0
4.4.1
4.4.2
4.4.3
4.4.4
4.4.5

Unaffected

4.8.1

Problem Types

Type	CWE ID	Description
CWE	CWE-77	Command Injection
CWE	CWE-74	Injection

Type: CWE

CWE ID: CWE-77

Description: Command Injection

Type: CWE

CWE ID: CWE-74

Description: Injection

Metrics

Version	Base score	Base severity	Vector
4.0	6.9	MEDIUM	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X
3.1	7.3	HIGH	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:X/RL:O/RC:C
3.0	7.3	HIGH	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:X/RL:O/RC:C
2.0	7.5	N/A	AV:N/AC:L/Au:N/C:P/I:P/A:P/E:ND/RL:OF/RC:C

Version: 4.0

Base score: 6.9

Base severity: MEDIUM

Vector:

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X

Version: 3.1

Base score: 7.3

Base severity: HIGH

Vector:

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:X/RL:O/RC:C

Version: 3.0

Base score: 7.3

Base severity: HIGH

Vector:

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:X/RL:O/RC:C

Version: 2.0

Base score: 7.5

Base severity: N/A

Vector:

AV:N/AC:L/Au:N/C:P/I:P/A:P/E:ND/RL:OF/RC:C

Credits

reporter

strforexc (VulDB User)

coordinator

VulDB CNA Team

Timeline

Event	Date
Advisory disclosed	2026-06-06 00:00:00
VulDB entry created	2026-06-06 02:00:00
VulDB entry last update	2026-06-06 12:38:42

Event: Advisory disclosed

Date: 2026-06-06 00:00:00

Event: VulDB entry created

Date: 2026-06-06 02:00:00

Event: VulDB entry last update

Date: 2026-06-06 12:38:42

References

Hyperlink	Resource
https://vuldb.com/vuln/369072	vdb-entry technical-description
https://vuldb.com/vuln/369072/cti	signature permissions-required
https://vuldb.com/cve/CVE-2026-11452	third-party-advisory
https://vuldb.com/submit/826378	third-party-advisory
https://github.com/StrTzz123/iot_vul/blob/main/GL-iNet/MT3000/4.4.5/nas_set_user_pwd_glc_rce/Readme.md	related

Hyperlink: https://vuldb.com/vuln/369072

Resource:

vdb-entry

technical-description

Hyperlink: https://vuldb.com/vuln/369072/cti

Resource:

signature

permissions-required

Hyperlink: https://vuldb.com/cve/CVE-2026-11452

Resource:

third-party-advisory

Hyperlink: https://vuldb.com/submit/826378

Resource:

third-party-advisory

Hyperlink: https://github.com/StrTzz123/iot_vul/blob/main/GL-iNet/MT3000/4.4.5/nas_set_user_pwd_glc_rce/Readme.md

Resource:

▼Authorized Data Publishers (ADP)

CISA ADP Vulnrichment

Affected Products

Affected

Unaffected

Problem Types

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

Affected Products

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References