Description
A security flaw has been discovered in GL.iNet GL-MT3000 up to 4.4.5. Impacted is the function iwinfo_backend of the file iwinfo.so of the component MTK Backend. The manipulation of the argument device results in command injection. The attack can be executed remotely. The exploit has been released to the public and may be used for attacks. Upgrading to version 4.7 is recommended to address this issue. Upgrading the affected component is recommended. The vendor confirms: "Starting from version 4.7, SDK has added global protection to intercept malicious injection".
Published: 2026-06-07
Score: 5.3 Medium
EPSS: 1.1% Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

iwinfo_backend in GL.iNet GL‑MT3000 firmware up to 4.4.5 allows a remote attacker to inject arbitrary shell commands by manipulating the device argument of the iwinfo command. The vulnerability is a command injection, classified by CWE‑74 and CWE‑77. The manipulation can lead to remote code execution, potentially compromising confidentiality, integrity, and availability of the device. Based on the description, it is inferred that a successful injection could allow an attacker to execute arbitrary commands on the router, but the exact extent of control is not directly stated in the official data.

Affected Systems

GL.iNet GL‑MT3000 routers running firmware version 4.4.5 or earlier are affected. The vulnerability resides in the MTK Backend component, specifically the iwinfo.so library. Firmware 4.7 and newer include a protection mechanism that intercepts malicious injection attempts.

Risk and Exploitability

The CVSS score of 5.3 indicates moderate severity. EPSS is not available, but the vulnerability is publicly disclosed and demonstrable, so exploitation is likely for any attacker who can reach the affected interface. The flaw can be triggered remotely without privileged local access, making it attractive for widespread attacks. The vulnerability is not yet listed in CISA KEV, but the public availability of the exploit suggests a need for immediate action.

Generated by OpenCVE AI on June 7, 2026 at 02:50 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade the router firmware to version 4.7 or later, which adds a global protection layer against injection.
  • If an upgrade cannot be performed immediately, restrict external access to the iwinfo backend by configuring firewall rules or disabling the feature on the device.
  • Deploy an IP whitelist or VPN to limit remote connections that can invoke iwinfo commands.
  • Monitor system logs for unusual command execution patterns and alert on potential misuse.

Generated by OpenCVE AI on June 7, 2026 at 02:50 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Mon, 08 Jun 2026 14:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Sun, 07 Jun 2026 03:15:00 +0000

Type Values Removed Values Added
First Time appeared Gl-inet gl-mt3000
Vendors & Products Gl-inet gl-mt3000

Sun, 07 Jun 2026 01:45:00 +0000

Type Values Removed Values Added
Description A security flaw has been discovered in GL.iNet GL-MT3000 up to 4.4.5. Impacted is the function iwinfo_backend of the file iwinfo.so of the component MTK Backend. The manipulation of the argument device results in command injection. The attack can be executed remotely. The exploit has been released to the public and may be used for attacks. Upgrading to version 4.7 is recommended to address this issue. Upgrading the affected component is recommended. The vendor confirms: "Starting from version 4.7, SDK has added global protection to intercept malicious injection".
Title GL.iNet GL-MT3000 MTK Backend iwinfo.so iwinfo_backend command injection
First Time appeared Gl-inet
Gl-inet gl-mt3000 Firmware
Weaknesses CWE-74
CWE-77
CPEs cpe:2.3:o:gl-inet:gl-mt3000_firmware:*:*:*:*:*:*:*:*
Vendors & Products Gl-inet
Gl-inet gl-mt3000 Firmware
References
Metrics cvssV2_0

{'score': 6.5, 'vector': 'AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:OF/RC:C'}

cvssV3_0

{'score': 6.3, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C'}

cvssV3_1

{'score': 6.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C'}

cvssV4_0

{'score': 5.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P'}

Subscriptions

Gl-inet Gl-mt3000 Gl-mt3000 Firmware
cve-icon MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-06-08T13:13:12.085Z

Reserved: 2026-06-06T10:33:08.860Z

Link: CVE-2026-11447

cve-icon Vulnrichment

Updated: 2026-06-08T13:13:06.507Z

cve-icon NVD

Status : Deferred

Published: 2026-06-07T02:16:23.313

Modified: 2026-06-08T14:57:14.757

Link: CVE-2026-11447

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-07T03:00:15Z

Weaknesses
  • CWE-74

    Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

  • CWE-77

    Improper Neutralization of Special Elements used in a Command ('Command Injection')