Security Advisory

CVE-2026-9512

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-05-25 22:15:11

Last updated 2026-05-26 12:37:15

Assigner VulDB

State PUBLISHED

Description

A security flaw has been discovered in Totolink CA750-PoE 6.2c.510. This vulnerability affects the function setPasswordCfg of the file /cgi-bin/cstecgi.cgi of the component Setting Handler. Performing a manipulation of the argument admuser/admpass results in os command injection. The attack can be initiated remotely. The exploit has been released to the public and may be used for attacks.

← Browse all CVEs View on cve.org ↗