CVE-2026-7546

Totolink NR1800X firmware 9.1.0u.6279_B20210910 contains a stack-based overflow in lighttpd’s find_host_ip when Host is manipulated. This remote vulnerability has a publicly disclosed exploit. No remediation details are provided in the supplied documents.