Security Advisory

CVE-2026-1547

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-01-28 22:02:10

Last updated 2026-02-23 09:02:20

Assigner VulDB

State PUBLISHED

Description

A vulnerability was detected in Totolink A7000R 4.1cu.4154. This affects the function setUnloadUserData of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument plugin_name results in command injection. It is possible to launch the attack remotely. The exploit is now public and may be used.

← Browse all CVEs View on cve.org ↗