A vulnerability classified as critical was found in GL.iNet GL-MT3000 up to 4.4.5 . Affected by this vulnerability is an unknown functionality of the file /usr/bin/one_click_upgrade of the component Online Firmware Upgrade Handler . Such manipulation leads to command injection. This vulnerability is uniquely identified as CVE-2026-12187 . The attack can be launched remotely. Moreover, an exploit is present. Upgrading the affected component is advised. The vendor was contacted early, responded in