CVE-2026-9512
Description
A security flaw has been discovered in Totolink CA750-PoE 6.2c.510. The vulnerability affects the function setPasswordCfg in the file /cgi-bin/cstecgi.cgi of the Setting Handler component. Manipulating the argument admuser/admpass results in OS command injection. The attack can be initiated remotely. The exploit has been released to the public and may be used in attacks.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Remote OS command injection in TOTOLink CA750-PoE router's setPasswordCfg function allows arbitrary command execution as root.
Vulnerability
The function setPasswordCfg in /cgi-bin/cstecgi.cgi of TOTOLINK CA750-PoE router firmware version 6.2c.510 is vulnerable to OS command injection [1]. The admuser and admpass parameters are passed directly to a system-level command without sanitization, allowing attackers to inject arbitrary commands.
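As an added illustration of this bug class (constructed for this page, not the firmware's own code, which is not shown here), the assumed unsafe pattern is placed beside a hardened handler: the values are allow-list checked and then handed to the helper as separate argv entries, so no shell ever parses them. The helper name /bin/setpasswd and the input policy are assumptions.

```c
#include <ctype.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Assumed unsafe pattern (constructed, not the real cstecgi.cgi code): the
 * JSON fields are interpolated into a command line that a shell would parse,
 * so any metacharacter in admuser/admpass becomes part of the command.
 * Only the string is built here; nothing is executed. */
int build_cmd_unsafe(char *out, size_t outsz,
                     const char *admuser, const char *admpass)
{
    /* "setpasswd" is a hypothetical helper name */
    return snprintf(out, outsz, "setpasswd %s %s", admuser, admpass);
}

/* Allow-list check: ASCII letters, digits and a few punctuation characters,
 * 1..32 bytes. An allow-list leaves nothing to bypass, unlike a deny-list
 * of known metacharacters. */
bool credential_is_safe(const char *s)
{
    size_t n = strlen(s);
    if (n == 0 || n > 32)
        return false;
    for (size_t i = 0; i < n; i++) {
        unsigned char c = (unsigned char)s[i];
        if (!isalnum(c) && c != '_' && c != '-' && c != '.' && c != '@')
            return false;
    }
    return true;
}

/* Hardened handler: validate, then fill an argv vector for fork()/execv().
 * The values travel as separate strings and are never joined into a shell
 * command line. Returns 0 on success, -1 when input is rejected (the CGI
 * would then answer HTTP 400). */
int set_password_hardened(const char *admuser, const char *admpass,
                          const char *argv[4])
{
    if (!credential_is_safe(admuser) || !credential_is_safe(admpass)) {
        argv[0] = NULL;
        return -1;
    }
    argv[0] = "/bin/setpasswd"; /* hypothetical helper path */
    argv[1] = admuser;
    argv[2] = admpass;
    argv[3] = NULL;
    return 0;
}
```

The allow-list is defence in depth; the actual fix is that the hardened path never builds a command line for a shell.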
Exploitation
An unauthenticated attacker can exploit this vulnerability remotely by sending a crafted POST request to /cgi-bin/cstecgi.cgi with a JSON payload where the admpass (or admuser) argument contains shell metacharacters. The provided proof-of-concept uses backticks to inject a command such as telnetd -l /bin/sh -p 8889 to start a reverse shell [1].
Impact
Successful exploitation results in remote command execution on the router with root privileges. An attacker can fully compromise the device, intercept network traffic, or use it as a pivot for further attacks.
Mitigation
No official fix has been released as of the publication date. The vendor has not acknowledged the issue. As a workaround, restrict access to the router's management interface to trusted IP addresses only and disable remote administration if possible.
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products: 2
Patches: 0 (no patches discovered yet)
Vulnerability mechanics: AI mechanics synthesis has not run for this CVE yet.
References: 5
News mentions: 0 (no linked articles in the index yet)