A vulnerability described as critical has been identified in GL.iNet GL-MT3000 up to 4.4.5 . Impacted is the function iwinfo_backend of the file iwinfo.so of the component MTK Backend . The manipulation of the argument device results in command injection. This vulnerability is identified as CVE-2026-11447 . The attack can be executed remotely. Additionally, an exploit exists. Upgrading the affected component is recommended. The vendor confirms: "Starting from version 4.7, SDK has added global pr