Description
TOTOLINK N200RE V5 was discovered to contain a command injection vulnerability via the macstr and bandstr parameters in the formMapDelDevice function.
Published: 2026-04-29
Score: 9.8 Critical
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability in the TOTOLINK N200RE V5 firmware exposes a command injection flaw through the macstr and bandstr parameters of the formMapDelDevice function. An attacker who can supply values to these parameters could execute arbitrary operating‑system commands on the device, potentially compromising the router’s confidentiality, integrity, and availability. The described weakness corresponds to the classic command injection category (CWE‑78).

Affected Systems

Devices running the TOTOLINK N200RE V5 firmware, particularly those exposing the formMapDelDevice interface. No additional version constraints are provided beyond the V5 designation.

Risk and Exploitability

The CVE has a CVSS score of 9.8, indicating critical severity. It is not listed in the CISA KEV catalog and no EPSS score is available, suggesting limited publicly known exploitation. However, the lack of a vendor‑issued fix combined with the severity of a remote command injection implies a high risk to network‑connected routers if the vulnerable interface remains accessible. An attacker needs network reachability to the device’s management interface; as implied by the exposed parameters, exploitation requires no special authentication.

Generated by OpenCVE AI on April 30, 2026 at 14:04 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply a vendor‑issued firmware upgrade that addresses the formMapDelDevice command injection flaw once one is available.
  • If a patch is unavailable, block or restrict access to the formMapDelDevice endpoint using firewall rules or router configuration settings.
  • Segregate the device from exposed networks, ensuring that only trusted administrative networks can reach the management interface; monitor logs for anomalous command‑execution attempts.

Generated by OpenCVE AI on April 30, 2026 at 14:04 UTC.

Advisories

No advisories yet.

History

Thu, 30 Apr 2026 14:30:00 +0000

Type | Values Removed | Values Added
Title | | Command Injection in TOTOLINK N200RE V5 formMapDelDevice Function
Weaknesses | | CWE-78

Thu, 30 Apr 2026 08:30:00 +0000

Type | Values Removed | Values Added
First Time appeared | | Totolink; Totolink n200re-v5
Vendors & Products | | Totolink; Totolink n200re-v5

Wed, 29 Apr 2026 21:15:00 +0000

Type | Values Removed | Values Added
Weaknesses | | CWE-77
Metrics | | cvssV3_1: {'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}
 | | ssvc: {'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Wed, 29 Apr 2026 17:30:00 +0000

Type | Values Removed | Values Added
Title | | Command Injection in TOTOLINK N200RE V5 formMapDelDevice Function
Weaknesses | | CWE-78

Wed, 29 Apr 2026 14:45:00 +0000

Type | Values Removed | Values Added
Description | | TOTOLINK N200RE V5 was discovered to contain a command injection vulnerability via the macstr and bandstr parameters in the formMapDelDevice function.
References | |

MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2026-04-29T20:28:26.618Z

Reserved: 2026-04-06T00:00:00.000Z

Link: CVE-2026-36841

Vulnrichment

Updated: 2026-04-29T20:26:16.554Z

NVD

Status: Deferred

Published: 2026-04-29T15:16:05.643

Modified: 2026-04-29T21:22:20.120

Link: CVE-2026-36841

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-30T14:15:40Z

Weaknesses