CVE-2026-9385

A vulnerability was determined in Totolink A8000RU 7.1cu.643b20200521. This issue affects the function setTracerouteCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. This manipulation of the argument command causes os command injection. The attack is possible to be...

The vulnerability of the setTracerouteCfg function in the /cgi-bin/cstecgi.cgi file of the Totolink LR1200GB router’s microprogramming system, which allows a hacker to execute arbitrary code or cause a service failure.

The vulnerability of the setTracerouteCfg function in the /cgi-bin/cstecgi.cgi file of the Totolink LR1200GB router’s microprogramming system is related to the issue where the operation’s output escapes the buffer in memory when the argument command is processed. Exploiting this vulnerability...

The vulnerability of the setTracerouteCfg function (/cgi-bin/cstecgi.cgi) in the Totolink N200RE router software allows a hacker to execute arbitrary code.

The vulnerability of the setTracerouteCfg function /cgi-bin/cstecgi.cgi in the Totolink N200RE router software exists due to the lack of measures to neutralize specific elements. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

Remote code execution

TOTOLINK-720R v4.1.5cu.374 was discovered to contain a remote code execution RCE vulnerability via the setTracerouteCfg function...