CVE-2026-26794 | GL-iNet GL-AR300M16 4.3.11 HTTP add_group sql injection

Inserito da Angelo Barbosa | Mar 12, 2026 | CVE

A vulnerability, which was classified as critical, was found in GL-iNet GL-AR300M16 4.3.11. This impacts the function add_group of the component HTTP Handler. Such manipulation leads to sql injection.

This vulnerability is traded as CVE-2026-26794. The attack may be launched remotely. There is no exploit available.

CVE-2026-26794 | GL-iNet GL-AR300M16 4.3.11 HTTP add_group sql injection

Post correlati

CVE-2024-24272 | iTop DualSafe Password Manager & Digital Vault up to 1.4.23 log file

CVE-2024-3358 | SourceCodester Aplaya Beach Resort Online Reservation System 1.0 /index.php to cross site scripting

CVE-2024-32088 | SeedProd Coming Soon Page, Under Construction & Maintenance Mode Plugin cross-site request forgery

CVE-2026-28417 | vim up to 9.2.0072 URL cross site scripting (GHSA-m3xh-9434-g336)