PatchSiren cyber security CVE debrief
CVE-2026-12187 GL.iNet CVE debrief
A security vulnerability has been detected in GL.iNet GL-MT3000 up to 4.4.5. It affects an unknown functionality of the file /usr/bin/one_click_upgrade, part of the Online Firmware Upgrade Handler component. Manipulation of this functionality leads to command injection. The attack can be launched remotely. The exploit has been disclosed publicly and may be used. Upgrading to version 4.7 addresses this issue, and upgrading the affected component is advised. The vendor was contacted early, responded in a very professional manner, and quickly released a fixed version of the affected product.
- Vendor: GL.iNet
- Product: GL-MT3000
- CVSS: HIGH 7.4
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2026-06-14
- Original CVE updated: 2026-06-15
- Advisory published: 2026-06-14
- Advisory updated: 2026-06-15
Who should care
Users of GL.iNet GL-MT3000 up to version 4.4.5
Technical summary
The vulnerability affects the online firmware upgrade handler of GL.iNet GL-MT3000 up to 4.4.5, specifically the /usr/bin/one_click_upgrade file. The vulnerability allows for command injection and can be exploited remotely.
Defensive priority
HIGH
Recommended defensive actions
- Upgrade to version 4.7 or later
- Apply the fixed version of the affected product
Evidence notes
The vendor was contacted early and responded professionally, quickly releasing a fixed version.
Official resources
Publicly disclosed