CVE-2026-1327 | Totolink NR1800X 9.1.0u.6279_B20210910 POST Request /cgi-bin/cstecgi.cgi setTracerouteCfg command command injection

A vulnerability, which was classified as critical, was found in Totolink NR1800X 9.1.0u.6279_B20210910. This issue affects the function setTracerouteCfg of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. Such manipulation of the argument command leads to command injection.

This vulnerability is uniquely identified as CVE-2026-1327. The attack can be launched remotely. Moreover, an exploit is present.VulDB Recent EntriesRead More