CVE-2026-9456 | Totolink A8000RU 7.1cu.643_b20200521 Web Management Interface /cgi-bin/cstecgi.cgi setOpenVpnCfg enabled os command injection

A vulnerability categorized as critical has been discovered in Totolink A8000RU 7.1cu.643_b20200521. Impacted is the function setOpenVpnCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. The manipulation of the argument enabled results in os command injection.

This vulnerability is identified as CVE-2026-9456. The attack can be executed remotely. Additionally, an exploit exists.VulDB Recent EntriesRead More