CVE-2026-11505
MediumCVSS 5.0Summary
A flaw has been found in GL.iNet A1300, AX1800, AXT1800, MT2500, MT3000, MT6000, X3000 and XE3000 4.8.x in an unknown function of the component glnassys. Executing a manipulation can lead to the use of a hard-coded cryptographic key.
Risk Assessment
The attack may be launched remotely, but it requires a high level of complexity, making its exploitability difficult. Nevertheless, this vulnerability may pose a threat to data security.
Recommendation
It is advised to upgrade to version 4.9.0 to mitigate this issue. Additionally, upgrading the affected component is recommended.
Original NVD description (English source)
A flaw has been found in GL.iNet A1300, AX1800, AXT1800, MT2500, MT3000, MT6000, X3000 and XE3000 4.8.x. This affects an unknown function of the component glnassys. Executing a manipulation can lead to use of hard-coded cryptographic key . The attack may be launched remotely. The attack requires a high level of complexity. The exploitability is reported as difficult. Upgrading to version 4.9.0 mitigates this issue. Upgrading the affected component is advised.

