CVE-2026-7548 | Totolink NR1800X 9.1.0u.6279_B20210910 /cgi-bin/cstecgi.cgi sub_41A68C setUssd command injection

Inserito da Angelo Barbosa | Apr 30, 2026 | CVE

A vulnerability marked as critical has been reported in Totolink NR1800X 9.1.0u.6279_B20210910. This affects the function sub_41A68C of the file /cgi-bin/cstecgi.cgi. Performing a manipulation of the argument setUssd results in command injection.

This vulnerability is reported as CVE-2026-7548. The attack is possible to be carried out remotely. Moreover, an exploit is present.

CVE-2026-7548 | Totolink NR1800X 9.1.0u.6279_B20210910 /cgi-bin/cstecgi.cgi sub_41A68C setUssd command injection

Post correlati

CVE-2026-35357 | Uutils coreutils Cp Utility toctou

CVE-2026-32280 | crypto-x509 up to 1.25.8/1.26.1 on Go Certificate allocation of resources

CVE-2024-5733 | itsourcecode Online Discussion Forum 1.0 register_me.php eaddress sql injection

CVE-2023-49770 | Peter Raschendorfer Smart External Link Click Monitor Plugin up to 5.0.2 on WordPress cross site scripting