CVE-2026-9543 | Totolink N300RH 6.1c.1353_B20190305 Web Management Interface /cgi-bin/cstecgi.cgi setPasswordCfg admpass os command injection

A vulnerability labeled as critical has been found in Totolink N300RH 6.1c.1353_B20190305. Affected is the function setPasswordCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Such manipulation of the argument admpass leads to os command injection.

This vulnerability is documented as CVE-2026-9543. The attack can be executed remotely. Additionally, an exploit exists.VulDB Recent EntriesRead More