A vulnerability was detected in Totolink CA750-PoE 6.2c...
Low severity
Unreviewed
Published
May 26, 2026
to the GitHub Advisory Database
•
Updated May 26, 2026
Description
Published by the National Vulnerability Database
May 26, 2026
Published to the GitHub Advisory Database
May 26, 2026
Last updated
May 26, 2026
A vulnerability was detected in Totolink CA750-PoE 6.2c.510. The impacted element is the function recvUpgradeNewFw of the file /cgi-bin/cstecgi.cgi of the component Setting Handler. Performing a manipulation of the argument fwUrl/magicid results in os command injection. It is possible to initiate the attack remotely. The exploit is now public and may be used.
References