{“lastseen”:””,”description”:”A vulnerability was detected in Totolink A8000RU 7.1cu.643_b20200521. The affected element is the function setQosCfg of the file \/cgi-bin\/cstecgi.cgi of the component Web Management Interface. Performing a manipulation of the argument enable results in os command injection. Remote exploitation of the attack is possible. The exploit is now public and may be used.”,”published”:”2026-05-25T06:45:11.182Z”,”modified”:”2026-05-25T06:45:11.182Z”,”type”:”cve”,”title”:”Totolink A8000RU Web Management cstecgi.cgi setQosCfg os command injection”,”source”:”VulDB”,”references”:”https:\/\/vuldb.com\/vuln\/365416\\nhttps:\/\/vuldb.com\/vuln\/365416\/cti\\nhttps:\/\/vuldb.com\/submit\/813908\\nhttps:\/\/github.com\/Litengzheng\/vuldb_new2\/blob\/main\/A8000RU\/vul_356\/README.md\\nhttps:\/\/www.totolink.net\/”,”id”:”CVE-2026-9435″,”bulletinFamily”:””,”cwe”:[“CWE-78″,”CWE-77″],”cvelist”:null,”sourceData”:”Totolink A8000RU 7.1cu.643_b20200521″,”sourceHref”:””,”cvss”:{“score”:9.3,”severity”:”CRITICAL”,”vector”:”CVSS:4.0\/AV:N\/AC:L\/AT:N\/PR:N\/UI:N\/VC:H\/VI:H\/VA:H\/SC:N\/SI:N\/SA:N\/E:P”,”version”:”4.0″},”cvss2″:{},”cvss3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””,”cvssV3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””}},”href”:””,”category_name”:”CVE”,”post_link”:””,”product”:”A8000RU”,”version”:”7.1cu.643_b20200521″,”vendor”:”Totolink”,”ai_description”:”OS command injection vulnerability in Totolink A8000RU Web Management Interface”,”ai_severity”:”Critical”,”ai_vendor”:”Totolink”,”ai_product”:”A8000RU”,”ai_version”:”7.1cu.643_b20200521″,”ai_score”:9.3}<\/p>\n","protected":false},"excerpt":{"rendered":"
{“lastseen”:””,”description”:”A vulnerability was detected in Totolink A8000RU 7.1cu.643_b20200521. The affected element is the function setQosCfg of the file \/cgi-bin\/cstecgi.cgi of the component Web Management Interface….<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[9,6,8,55,12,13,7,11,5],"class_list":["post-56670","post","type-post","status-publish","format-standard","hentry","category-category_cve","tag-critical","tag-cve","tag-cvss","tag-cvss-93","tag-exploit","tag-news","tag-security","tag-tapic","tag-vulnerability"],"yoast_head":"\n