Vulnerability in N/a

CVE-2026-26794

GL-iNet GL-AR300M16 v4.3.11 was discovered to contain a SQL injection vulnerability via the add_group() function. This vulnerability allows attackers to execute arbitrary SQL database operations via a crafted HTTP request.

EPSS: 0.003 (50.5th percentile) — read the EPSS interpretation.

Affected products

  • N/a — versions n/a

References