CVE-2026-36175

Description

An issue in the U-Boot component of GNCC GP5 v7.1.76 allows physically-proximate attackers to bypass authentication and gain root access via interrupting the boot sequence and injecting a crafted string into the kernel boot arguments.

References

• http://gncc.com
• http://gp5.com
• https://github.com/BadChemical/IoT-Vulnerability-Research-Public/blob/main/GNCC-GP5-T23/README.md