NVD CRITICAL: CVE-2026-9436 — A flaw has been found in Totolink A8000RU 7.1cu.643_b20200521. The impacted elem...

Monday, May 25, 2026 at 08:16 AM UTC·Source: NIST NVD

Updated: Tuesday, May 26, 2026 at 03:00 PM UTC

Executive Summary

A flaw has been found in Totolink A8000RU 7.1cu.643_b20200521. The impacted element is the function setL2tpServerCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Executing a manipulation of the argument enable can lead to os command injection. The attack can be executed remotely. The exploit has been published and may be used.

Analysis

Indicators of Compromise (1)

CVE (1)

CVE-2026-9436

NVD MITRE CVE

Source Attribution

Originally published by NIST NVD on May 25, 2026. Verified by: NIST.

Related Threats

MEDIUMVulnerabilityNEW

Franklin Templeton and MoonPay bid to expand institutional access to tokenised funds

Franklin Templeton and MoonPay today announced a strategic partnership to make tokenized financial products more accessible and usable across the onchain financial ecosystem.

18m agoFinextra

MEDIUMVulnerabilityNEW

Investing app Plynk revamps app

Plynk, the award-winning investing app designed to uncomplicate the investing experience and empower users with confidence-boosting tools, announced its app upgrade and rebrand alongside the launch of the dividend match, a first-of its-kind offer.

20m agoFinextra

MEDIUMVulnerabilityNEW

DNB Bank expands partnership with Infosys for AI-driven financial crime operations

Infosys (NSE, BSE, NYSE: INFY), a global leader in AI-first business consulting and technology services, today announced the expansion of its strategic collaboration with DNB Bank ASA (DNB), Norway’s largest bank, to modernize its Financial Crime (FinCrime) operations using NICE Actimize X-Sight Enterprise platform.

22m agoFinextra