Vulnerabilities

Report: CVE-2026-9531 - Totolink CA750-PoE Setting cstecgi.cgi setUpgradeUboot os command injection

2026-05-26 0 views admin

CVE ID :CVE-2026-9531 Published : May 26, 2026, 4:45 a.m. | 1 hour, 32 minutes ago Description :A weakness has been identified in Totolink CA750-PoE 6.2c.510. Impacted is the function setUpgradeUboot of the file /cgi-bin/cstecgi.cgi of the component Setting Handler. This manipulation of the argument FileName causes os command injection. The attack is possible to be carried out remotely. The exploit has been made available to the public and could be used for attacks. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE Details

CVE ID

CVE-2026-9531

Published

May 26, 2026

Impact: command injection

🏷️ Tags

reporttotolinkca750settingcstecgisetupgradeubootcommandinjectioncvecve-2026-9531

InfinitSec - Latest Cybersecurity, Technology & Gaming News

Report: CVE-2026-9531 - Totolink CA750-PoE Setting cstecgi.cgi setUpgradeUboot os command injection

CVE Details

🏷️ Tags

More from Vulnerabilities

Report: CVE-2026-9495 - Koa Router Access Control Bypass Vulnerability - 2025 Update

Report: Ultimate Guide: CVE-2026-9496 - Pacote Denial of Service (DoS) Vulnerability

Report: Latest: CVE-2026-9532 - Totolink CA750-PoE Setting cstecgi.cgi setUploadUserData os command injection

Report: Complete Guide to CVE-2026-9533 - Totolink CA750-PoE Setting cstecgi.cgi recvUpgradeNewFw os command injection

Trending

CVE-2025-61481: Critical Remote Code Execution Vulnerability in MikroTik RouterOS & SwitchOS

CVE-2025-43939: Dell Unity OS Command Injection (High)

Google disputes false claims of massive Gmail data breach

Microsoft: DNS outage impacts Azure and Microsoft 365 services

3.5B Accounts, 1 Critical Flaw: Meta Closes WhatsApp Data-Harvesting