CVE-2026-7538
CriticalSummary
A vulnerability was identified in the Totolink A8000RU device version 7.1cu.643_b20200521, affecting the function in the file /cgi-bin/cstecgi.cgi of the CGI Handler component. Manipulation of the argument proto leads to OS command injection.
Risk Assessment
An attacker can remotely exploit this vulnerability, posing a serious security threat to the system. A publicly available exploit may be used to carry out an attack.
Recommendation
It is recommended to update the device to the latest firmware version to mitigate this vulnerability. Additionally, network traffic should be monitored for potential attack attempts.
Original NVD description (English source)
A vulnerability was identified in Totolink A8000RU 7.1cu.643_b20200521. This issue affects the function Vulnerability of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument proto leads to os command injection. The attack may be initiated remotely. The exploit is publicly available and might be used.

