{"id":78792,"date":"2026-05-25T03:30:19","date_gmt":"2026-05-25T00:00:19","guid":{"rendered":"https:\/\/afaghhosting.net\/blog\/cve-2026-9408-totolink-a8000ru-web-management-cstecgi-cgi-setstaticdhcprules-os-command-injection\/"},"modified":"2026-05-25T03:30:19","modified_gmt":"2026-05-25T00:00:19","slug":"cve-2026-9408-totolink-a8000ru-web-management-cstecgi-cgi-setstaticdhcprules-os-command-injection","status":"publish","type":"post","link":"https:\/\/afaghhosting.net\/blog\/cve-2026-9408-totolink-a8000ru-web-management-cstecgi-cgi-setstaticdhcprules-os-command-injection\/","title":{"rendered":"CVE-2026-9408 &#8211; Totolink A8000RU Web Management cstecgi.cgi setStaticDhcpRules os command injection"},"content":{"rendered":"<p>CVE ID :CVE-2026-9408<\/p>\n<p>  Published : May 25, 2026, midnight | 58\u00a0minutes ago<\/p>\n<p>  Description :A vulnerability was detected in Totolink A8000RU 7.1cu.643_b20200521. Affected by this issue is the function setStaticDhcpRules of the file \/cgi-bin\/cstecgi.cgi of the component Web Management Interface. The manipulation of the argument enable results in os command injection. The attack may be performed from remote. The exploit is now public and may be used.<\/p>\n<p>  Severity: 0.0 | NA<\/p>\n<p>  Visit the link for more details, such as CVSS details, affected products, timeline, and more&#8230;\u00a0<\/p>\n","protected":false},"excerpt":{"rendered":"<p>CVE ID :CVE-2026-9408 Published : May 25, 2026, midnight | 58\u00a0minutes ago Description :A vulnerability was detected in Totolink A8000RU 7.1cu.643_b20200521. Affected by this issue is the function setStaticDhcpRules of the file \/cgi-bin\/cstecgi.cgi of the component Web Management Interface. The manipulation of the argument enable results in os command injection. The attack may be performed &hellip;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[26],"tags":[],"class_list":["post-78792","post","type-post","status-publish","format-standard","hentry","category-vulnerability"],"_links":{"self":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/78792","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/comments?post=78792"}],"version-history":[{"count":0,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/78792\/revisions"}],"wp:attachment":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/media?parent=78792"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/categories?post=78792"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/tags?post=78792"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}