CVE-2026-9511 | Totolink CA750-PoE 6.2c.510 Setting /cgi-bin/cstecgi.cgi setWebWlanIdx webWlanIdx os command injection

Inserito da Angelo Barbosa | Mag 25, 2026 | CVE

A vulnerability described as critical has been identified in Totolink CA750-PoE 6.2c.510. This affects the function setWebWlanIdx of the file /cgi-bin/cstecgi.cgi of the component Setting Handler. Such manipulation of the argument webWlanIdx leads to os command injection.

This vulnerability is referenced as CVE-2026-9511. It is possible to launch the attack remotely. Furthermore, an exploit is available.

CVE-2026-9511 | Totolink CA750-PoE 6.2c.510 Setting /cgi-bin/cstecgi.cgi setWebWlanIdx webWlanIdx os command injection

Post correlati

CVE-2018-4301 | Apple Smart Card Services prior 201801 GemaltoKeyHandle.cpp stack-based overflow

CVE-2025-9719 | O2OA up to 10.0-410 Personal Profile Page script name/alias/description/applicationName cross site scripting (Issue 185)

CVE-2026-30302 | CodeRider-Kilo Parser os command injection

CVE-2023-43626 | Intel CPU UEFI Firmware access control (intel-sa-01071)