NVD CRITICAL: CVE-2026-9384 — A vulnerability was found in Totolink A8000RU 7.1cu.643_b20200521. This vulnerab...

Sunday, May 24, 2026 at 02:16 PM UTC·Source: NIST NVD

Updated: Tuesday, May 26, 2026 at 02:00 PM UTC

Executive Summary

A vulnerability was found in Totolink A8000RU 7.1cu.643_b20200521. This vulnerability affects the function setDiagnosisCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. The manipulation of the argument ip results in os command injection. The attack can be executed remotely. The exploit has been made public and could be used.

Analysis

Indicators of Compromise (1)

CVE (1)

CVE-2026-9384

NVD MITRE CVE

Source Attribution

Originally published by NIST NVD on May 24, 2026. Verified by: NIST.

Related Threats

MEDIUMVulnerabilityNEW

Mastercard joins Tips cross-currency pilot

Mastercard is working with Denmark's and Sweden's central banks to pilot instant cross-currency payments on the Eurosystem’s Target Instant Payment Settlement (Tips) platform.

31m agoFinextra

MEDIUMVulnerability

Hackers Used Meta’s AI Support Bot to Seize Instagram Accounts

The Instagram accounts for the Obama White House and the Chief Master Sergeant of the U.S. Space Force were briefly defaced with pro-Iranian images and messages over the weekend, after instructions began circulating on Telegram showing how to trick Meta's "AI support assistant" bot into resetting account passwords.

1h agoKrebs on Security

CRITICALVulnerability

Vulnerability Disclosure in the Age of AI

New article: “ Responsible Disclosure in the Age of AI: A Call for Urgent Action ,” by Melissa Hathaway. Abstract: Artificial intelligence is fundamentally reshaping the balance between vulnerability discovery and remediation. Frontier AI models are now capable of autonomously identifying exploitable software vulnerabilities at unprecedented speed and scale. This development exposes de

1h agoSchneier on Security