A vulnerability identified as critical has been detected in GL.iNet MT3000 up to 4.4.5 . This vulnerability affects unknown code of the file ovpnclient.sh of the component OpenVPN Client Import Workflow . This manipulation causes command injection. This vulnerability is registered as CVE-2026-11406 . Remote exploitation of the attack is possible. Furthermore, an exploit is available. You should upgrade the affected component. The vendor confirms: "This issue has been addressed by implementing ma