CVE-2026-9454 | Totolink A8000RU 7.1cu.643_b20200521 Web Management Interface /cgi-bin/cstecgi.cgi setOpenVpnCertGenerationCfg servername os command injection

A vulnerability was found in Totolink A8000RU 7.1cu.643_b20200521. It has been declared as critical. This vulnerability affects the function setOpenVpnCertGenerationCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Executing a manipulation of the argument servername can lead to os command injection.

The identification of this vulnerability is CVE-2026-9454. The attack may be launched remotely. Furthermore, there is an exploit available.VulDB Recent EntriesRead More