CVE-2026-12186
Published 2026-06-14
CVE-2026-12186: A weakness has been identified in GL.iNet GL-MT3000 up to 4.4.5. Affected is the function replace_country in the library /usr/lib/oui-httpd/rpc/tor of the…
Priority P2 · 66 · high · 8.8 CVSS 3.1
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS: 1.97% (77.9th percentile)
A weakness has been identified in GL.iNet GL-MT3000 up to 4.4.5. Affected is the function replace_country in the library /usr/lib/oui-httpd/rpc/tor of the component Tor Proxy Service Configuration Handler. This manipulation causes command injection. The attack can be initiated remotely. The exploit has been made available to the public and could be used for attacks. Upgrading to version 4.7 is able to address this issue. It is recommended to upgrade the affected component. The vendor was contacted early, responded in a very professional manner and quickly released a fixed version of the affected product.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| gl.inet | gl-mt3000 | — | — |
CVSS provenance
| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
| nvd | v4.0 | 7.4 | HIGH | CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
| nvd | v2.0 | 9.0 | CRITICAL | AV:N/AC:L/Au:S/C:C/I:C/A:C |
GHSA
A weakness has been identified in GL.iNet GL-MT3000 up to 4.4.5.
ghsa_unreviewed·2026-06-14
CVE-2026-12186 [HIGH] CWE-74 A weakness has been identified in GL.iNet GL-MT3000 up to 4.4.5.
VulDB
GL.iNet GL-MT3000 up to 4.4.5 Tor Proxy Service Configuration tor replace_country command injection (EUVD-2026-36665)
vuldb·2026-06-14·CVSS 8.8
CVE-2026-12186 [HIGH] GL.iNet GL-MT3000 up to 4.4.5 Tor Proxy Service Configuration tor replace_country command injection (EUVD-2026-36665)
A vulnerability classified as critical has been found in GL.iNet GL-MT3000 up to 4.4.5. Affected is the function replace_country in the library /usr/lib/oui-httpd/rpc/tor of the component Tor Proxy Service Configuration Handler. This manipulation causes command injection.
This vulnerability is handled as CVE-2026-12186. The attack can be initiated remotely. Additionally, an exploit exists.
It is recommended to upgrade the affected component.
The vendor was contacted early, responded in a very professional manner and quickly released a fixed version of the affected product.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://fw.gl-inet.com/firmware/mt3000/release/mt3000-4.8.1-0819-1755615825.tar
https://github.com/StrTzz123/iot_vul/blob/main/GL-iNet/MT3000/4.4.5/tor_set_config/Readme.md
https://vuldb.com/cve/CVE-2026-12186
https://vuldb.com/submit/815579
https://vuldb.com/vuln/370832
https://vuldb.com/vuln/370832/cti
Published: 2026-06-14