CVE Catalog

CVE-2026-11505

MediumCVSS 5.0
Published: Updated: Translated: NVD NIST

Summary

A flaw has been found in GL.iNet A1300, AX1800, AXT1800, MT2500, MT3000, MT6000, X3000 and XE3000 4.8.x in an unknown function of the component glnassys. Executing a manipulation can lead to the use of a hard-coded cryptographic key.

Risk Assessment

The attack may be launched remotely, but it requires a high level of complexity, making its exploitability difficult. Nevertheless, this vulnerability may pose a threat to data security.

Recommendation

It is advised to upgrade to version 4.9.0 to mitigate this issue. Additionally, upgrading the affected component is recommended.

Original NVD description (English source)

A flaw has been found in GL.iNet A1300, AX1800, AXT1800, MT2500, MT3000, MT6000, X3000 and XE3000 4.8.x. This affects an unknown function of the component glnassys. Executing a manipulation can lead to use of hard-coded cryptographic key . The attack may be launched remotely. The attack requires a high level of complexity. The exploitability is reported as difficult. Upgrading to version 4.9.0 mitigates this issue. Upgrading the affected component is advised.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS