CVE-2026-12187
Published 2026-06-14
Priority: P268, high
CVSS 3.1: 8.8 (AV:N / AC:L / PR:L / UI:N / S:U / C:H / I:H / A:H)
EPSS: 1.94% (77.6th percentile)
A security vulnerability has been detected in GL.iNet GL-MT3000 up to 4.4.5. Affected by this vulnerability is an unknown functionality of the file /usr/bin/one_click_upgrade of the component Online Firmware Upgrade Handler. Such manipulation leads to command injection. The attack can be launched remotely. The exploit has been disclosed publicly and may be used. Upgrading to version 4.7 addresses this issue. Upgrading the affected component is advised. The vendor was contacted early, responded in a very professional manner and quickly released a fixed version of the affected product.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| gl.inet | gl-mt3000 | — | — |
| gl.inet | gl-mt3000 | — | — |
| gl.inet | gl-mt3000 | — | — |
| gl.inet | gl-mt3000 | — | — |
| gl.inet | gl-mt3000 | — | — |
| gl.inet | gl-mt3000 | — | — |
CVSS provenance
| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
| nvd | v4.0 | 7.4 | HIGH | CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
| nvd | v2.0 | 9.0 | CRITICAL | AV:N/AC:L/Au:S/C:C/I:C/A:C |
GHSA
A security vulnerability has been detected in GL.iNet GL-MT3000 up to 4.4.5.
ghsa_unreviewed·2026-06-15
CVE-2026-12187 [HIGH] CWE-74 A security vulnerability has been detected in GL.iNet GL-MT3000 up to 4.4.5.
VulDB
GL.iNet GL-MT3000 up to 4.4.5 Online Firmware Upgrade one_click_upgrade command injection
vuldb·2026-06-14·CVSS 8.8
CVE-2026-12187 [HIGH] GL.iNet GL-MT3000 up to 4.4.5 Online Firmware Upgrade one_click_upgrade command injection
A vulnerability classified as critical was found in GL.iNet GL-MT3000 up to 4.4.5. Affected by this vulnerability is an unknown functionality of the file /usr/bin/one_click_upgrade of the component Online Firmware Upgrade Handler. Such manipulation leads to command injection.
This vulnerability is uniquely identified as CVE-2026-12187. The attack can be launched remotely. Moreover, an exploit is present.
Upgrading the affected component is advised.
The vendor was contacted early, responded in a very professional manner and quickly released a fixed version of the affected product.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.