Vulnerability in N/a

CVE-2026-26795

GL-iNet GL-AR300M16 v4.3.11 was discovered to contain a command injection vulnerability via the module parameter in the M.get_system_log function. This vulnerability allows attackers to execute arbitrary commands via a crafted input.

EPSS: 0.011 (78.5th percentile) — read the EPSS interpretation.

Affected products

  • N/a — versions n/a

References