216.73.217.98

CVE-2026-11505

· Published 08/06/2026 12:16 · Modified 08/06/2026 14:57

Labels: CVE-2026-11505 2026-06-08CVE-2026-11505CWE-320[email protected]

Essential information

Published
08/06/2026 12:16
Modified
08/06/2026 14:57
Author
Creator
CVSS
2.3 LOW (v3) 2.3 LOW (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

A flaw has been found in GL.iNet A1300, AX1800, AXT1800, MT2500, MT3000, MT6000, X3000 and XE3000 4.8.x. This affects an unknown function of the component glnassys. Executing a manipulation can lead to use of hard-coded cryptographic key . The attack may be launched remotely. The attack requires a high level of complexity. The exploitability is reported as difficult. Upgrading to version 4.9.0 mitigates this issue. Upgrading the affected component is advised.

NVD status

Status
Deferred — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
gl.inet / a1300 cpe:2.3:a:gl.inet:a1300:4.8.*:*:*:*:*:*:*:*
gl.inet / ax1800 cpe:2.3:a:gl.inet:ax1800:4.8.*:*:*:*:*:*:*:*
gl.inet / axt1800 cpe:2.3:a:gl.inet:axt1800:4.8.*:*:*:*:*:*:*:*
gl.inet / mt2500 cpe:2.3:a:gl.inet:mt2500:4.8.*:*:*:*:*:*:*:*
gl.inet / mt3000 cpe:2.3:a:gl.inet:mt3000:4.8.*:*:*:*:*:*:*:*
gl.inet / mt6000 cpe:2.3:a:gl.inet:mt6000:4.8.*:*:*:*:*:*:*:*
gl.inet / x3000 cpe:2.3:a:gl.inet:x3000:4.8.*:*:*:*:*:*:*:*
gl.inet / xe3000 cpe:2.3:a:gl.inet:xe3000:4.8.*:*:*:*:*:*:*:*

References