UNKNOWNCVE-2026-5030
Totolink NR1800X Telnet Service cstecgi.cgi NTPSyncWithHost command injection
Platform
other
Component
telnet-service
A vulnerability has been found in Totolink NR1800X 9.1.0u.6279_B20210910. This issue affects the function NTPSyncWithHost of the file /cgi-bin/cstecgi.cgi of the component Telnet Service. The manipulation of the argument host_time leads to command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
How to fix
Actualice el firmware del router Totolink NR1800X a una versión posterior a 9.1.0u.6279_B20210910 para corregir la vulnerabilidad de inyección de comandos en el servicio Telnet. Consulte el sitio web del proveedor para obtener la última versión del firmware e instrucciones de actualización.
Monitor your dependencies automatically
Get notified when new vulnerabilities affect your projects. Free forever.
Start free