LeakyCreds
NewInstant webhook alerts now available — notified within seconds of any credential detection.Learn more →
Home / Vulnerability Intelligence / CVE-2026-26793

CVE-2026-26793 - Vulnerability Analysis

CriticalCVSS: 9.8

Last Updated: March 13, 2026

GL-iNet GL-AR300M16 - Command Injection

Published: March 12, 2026Updated: March 13, 2026PoC AvailableRemote Exploitable

Overview

GL-iNet GL-AR300M16 v4.3.11 contains a command injection caused by improper input handling in the set_config function, letting attackers execute arbitrary commands remotely, exploit requires crafted input.

Severity & Score

Severity: Critical
CVSS Score: 9.8
EPSS Score: 96.1%(Probability of exploitation in next 30 days)

Impact

Attackers can execute arbitrary commands remotely, potentially leading to full system compromise.

Mitigation

Update to the latest version.

References

Social Media Activity(1 post)

ZEN SecDB
ZEN SecDB
@secdb
Mar 16, 2026

📈 CVE Published in last 7 days (2026-03-09 - 2026-03-16) See more at https://secdb.nttzen.cloud/dashboard Total CVEs: 1301 Severity: - Critical: 114 - High: 499 - Medium: 548 - Low: 44 - None: 96 Status: - : 27 - Analyzed: 466 - Awaiting Analysis: 494 - Modified: 13 - Received: 245 - Rejected: 5 - Undergoing Analysis: 51 Top CNAs: - GitHub, Inc.: 312 - Patchstack: 140 - VulDB: 88 - VulnCheck: 88 - Adobe Systems Incorporated: 85 - Microsoft Corporation: 78 - MITRE: 76 - Wordfence: 44 - Chrome: 31 - N/A: 27 Top Affected Products: - UNKNOWN: 755 - Microsoft Windows 10 22h2: 42 - Microsoft Windows 10 21h2: 42 - Microsoft Windows Server 2022: 41 - Microsoft Windows 11 24h2: 40 - Microsoft Windows 11 23h2: 40 - Microsoft Windows 11 25h2: 40 - Microsoft Windows Server 2025: 39 - Microsoft Windows 11 26h1: 39 - Microsoft Windows Server 2019: 39 Top EPSS Score: - CVE-2025-14558 - 39.97 % (https://secdb.nttzen.cloud/cve/detail/CVE-2025-14558) - CVE-2026-3909 - 27.12 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-3909) - CVE-2026-3910 - 21.89 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-3910) - CVE-2026-2413 - 11.89 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-2413) - CVE-2026-26130 - 1.27 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-26130) - CVE-2026-4092 - 1.01 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-4092) - CVE-2026-26791 - 0.68 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-26791) - CVE-2026-26792 - 0.68 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-26792) - CVE-2026-26793 - 0.68 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-26793) - CVE-2026-26795 - 0.68 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-26795)

View original post

Related Resources

Details

CVE ID
CVE-2026-26793
Severity
Critical
CVSS Score
9.8
Type
command_injection
Status
confirmed
EPSS
96.1%
Social Posts
1

CWE

  • CWE-77

CVSS Metrics

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS Score

96.1%Probability of exploitation in the next 30 days