A flaw has been found in Totolink A8000RU 7.1cu...
High severity
Unreviewed
Published
May 26, 2026
to the GitHub Advisory Database
•
Updated May 26, 2026
Description
Published by the National Vulnerability Database
May 25, 2026
Published to the GitHub Advisory Database
May 26, 2026
Last updated
May 26, 2026
A flaw has been found in Totolink A8000RU 7.1cu.643_b20200521. This vulnerability affects the function setOpenVpnCertGenerationCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Executing a manipulation of the argument servername can lead to os command injection. The attack may be launched remotely. The exploit has been published and may be used.
References