NVD CRITICAL: CVE-2026-9478 — A weakness has been identified in Totolink A8000RU 7.1cu.643_b20200521. Impacted...

Monday, May 25, 2026 at 06:16 PM UTC·Source: NIST NVD

Updated: Wednesday, May 27, 2026 at 05:00 AM UTC

Executive Summary

A weakness has been identified in Totolink A8000RU 7.1cu.643_b20200521. Impacted is the function setParentalRules of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Executing a manipulation of the argument enable can lead to os command injection. The attack may be performed from remote. The exploit has been made available to the public and could be used for attacks.

Analysis

Indicators of Compromise (1)

CVE (1)

CVE-2026-9478

NVD MITRE CVE

Source Attribution

Originally published by NIST NVD on May 25, 2026. Verified by: NIST.

Related Threats

MEDIUMVulnerabilityNEW

PayWallet expands payout capabilities with TerraPay integration

TerraPay, a global money movement company, has partnered with PalWallet, a fintech infrastructure provider focused on stablecoin settlement, global payments infrastructure and embedded financial services, to help businesses move money across borders faster and more efficiently.

Just nowFinextra

MEDIUMVulnerabilityNEW

UK Payments Initiative launches to challenge Visa and Mastercard stranglehold

The UK Payments Initiative, a new company formed with the backing of the UK's biggest banks, has gone live, with the aim of undermining the dominance of US card networks in payments.

20m agoFinextra

MEDIUMVulnerabilityNEW

Meta AI Hands Over High-Profile Instagram Accounts to Hackers

Exploiting a confused deputy weakness, the hackers simply asked the chatbot to link the account to a new email address. The post Meta AI Hands Over High-Profile Instagram Accounts to Hackers appeared first on SecurityWeek .

22m agoSecurityWeek