Security Advisory

CVE-2026-1623

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-01-29 20:32:08

Last updated 2026-02-23 09:07:06

Assigner VulDB

State PUBLISHED

Description

A weakness has been identified in Totolink A7000R 4.1cu.4154. Impacted is the function setUpgradeFW of the file /cgi-bin/cstecgi.cgi. This manipulation of the argument FileName causes command injection. The attack can be initiated remotely. The exploit has been made available to the public and could be used for attacks.

← Browse all CVEs View on cve.org ↗