Description
A vulnerability has been found in Totolink A8000RU 7.1cu.643_b20200521. This issue affects the function UploadOpenVpnCert of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. The manipulation of the argument FileName leads to os command injection. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and may be used.
Published: 2026-05-25
Score: 9.3 Critical
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The flaw resides in the UploadOpenVpnCert function of the cstecgi.cgi handler, where the FileName parameter is unsafely passed to the operating system shell. An attacker can craft a value that injects arbitrary commands, allowing execution of native OS commands. The vulnerability is a classic OS command injection tied to CWE‑77 and CWE‑78, and remote exploitation is possible directly through the router’s web management interface.

Affected Systems

Totolink A8000RU routers running firmware 7.1cu.643_b20200521 are affected. The problematic code is part of the Web Management Interface component, reached via /cgi-bin/cstecgi.cgi.

Risk and Exploitability

The CVSS score of 9.3 rates this vulnerability as Critical. No EPSS value is available, so the probability of exploitation is not quantified; the exploit has been publicly disclosed and may be used. The vulnerability is not listed in the CISA KEV catalog, but the public exploit and the remote attack vector make it a high priority. The CVSS vectors specify that no privileges are required (PR:N), so any attacker who can reach the web interface can exploit the flaw, including from outside the local network if the interface is exposed there.

Generated by OpenCVE AI on May 25, 2026 at 13:20 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade the router firmware to a version that removes or hardens the UploadOpenVpnCert endpoint for the cstecgi.cgi handler.
  • Restrict external access to the web management interface by configuring firewall rules or a VPN so that only trusted internal networks can reach the router.
  • Disable or remove the cstecgi.cgi endpoint if it is not required for normal operation, or replace it with a secure upload mechanism that validates file names strictly.
  • Monitor traffic to the /cgi-bin/cstecgi.cgi path for suspicious payloads and block repeated malicious attempts.

Advisories

No advisories yet.

History

Mon, 25 May 2026 13:45:00 +0000

Type | Values Removed | Values Added
First Time appeared | | Totolink a8000ru
Vendors & Products | | Totolink a8000ru

Mon, 25 May 2026 12:30:00 +0000

Type | Values Removed | Values Added
Description | | A vulnerability has been found in Totolink A8000RU 7.1cu.643_b20200521. This issue affects the function UploadOpenVpnCert of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. The manipulation of the argument FileName leads to os command injection. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and may be used.
Title | | Totolink A8000RU Web Management cstecgi.cgi UploadOpenVpnCert os command injection
First Time appeared | | Totolink, Totolink a8000ru Firmware
Weaknesses | | CWE-77, CWE-78
CPEs | | cpe:2.3:o:totolink:a8000ru_firmware:*:*:*:*:*:*:*:*
Vendors & Products | | Totolink, Totolink a8000ru Firmware
References | |
Metrics | | cvssV2_0: {'score': 10, 'vector': 'AV:N/AC:L/Au:N/C:C/I:C/A:C/E:POC/RL:ND/RC:UR'}
 | | cvssV3_0: {'score': 9.8, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R'}
 | | cvssV3_1: {'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R'}
 | | cvssV4_0: {'score': 9.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P'}


MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-05-25T11:45:11.430Z

Reserved: 2026-05-24T07:57:20.194Z

Link: CVE-2026-9455

Vulnrichment

No data.

NVD

No data.

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-25T13:30:26Z

Weaknesses