CVE-2026-4611 | TOTOLINK X6000R 9.4.0cu.1360_B20241207/9.4.0cu.1498_B20250826 /usr/sbin/shttpd setLanCfg Hostname os command injection

Inserito da Angelo Barbosa | Mar 23, 2026 | CVE

A vulnerability labeled as critical has been found in TOTOLINK X6000R 9.4.0cu.1360_B20241207/9.4.0cu.1498_B20250826. Affected by this issue is the function setLanCfg of the file /usr/sbin/shttpd. Executing a manipulation of the argument Hostname can lead to os command injection.

The identification of this vulnerability is CVE-2026-4611. The attack may be launched remotely. There is no exploit available.

CVE-2026-4611 | TOTOLINK X6000R 9.4.0cu.1360_B20241207/9.4.0cu.1498_B20250826 /usr/sbin/shttpd setLanCfg Hostname os command injection

Post correlati

CVE-2024-33967 | Janobe School Attendance Monitoring System 1.0 attendance_print.php Attendance/YearLevel sql injection

CVE-2024-42372 | SAP NetWeaver AS Java 7.5 System Landscape Directory authorization

CVE-2024-24559 | vyperlang Vyper up to 0.3.10 risky encryption (GHSA-6845-xw22-ffxv)

CVE-2024-43188 | IBM Business Automation Workflow 22.0.2/23.0.1/23.0.2/24.0.0 client-side enforcement of server-side security