Medium severity6.3NVD Advisory· Published May 25, 2026· Updated May 28, 2026
CVE-2026-9511
CVE-2026-9511
Description
A vulnerability was identified in Totolink CA750-PoE 6.2c.510. This affects the function setWebWlanIdx of the file /cgi-bin/cstecgi.cgi of the component Setting Handler. Such manipulation of the argument webWlanIdx leads to os command injection. It is possible to launch the attack remotely. The exploit is publicly available and might be used.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
5News mentions
1- Totolink CA750-PoE: Nine OS Command Injection CVEs Land in a Single BatchVypr Intelligence · May 26, 2026