The Totolink N300RH web management interface contains an OS command injection vulnerability in the `setPasswordCfg` function.
Description
The Totolink N300RH web management interface contains an OS command injection vulnerability in the `setPasswordCfg` function.
AI Analyst Comment
Remediation
Update Unknown Multiple Products to the latest version. Monitor for exploitation attempts and review access logs.
---METADATA---
VENDOR: Totolink
PRODUCT: N300RH
AFFECTED_VERSIONS: Totolink N300RH 6.1c.1353_B20190305
---END_METADATA---
Description Summary:
The Totolink N300RH web management interface contains an OS command injection vulnerability in the
setPasswordCfgfunction.Executive Summary:
A critical OS command injection vulnerability in the Totolink N300RH web management interface allows remote attackers to execute arbitrary commands.
Vulnerability Details
CVE-ID: CVE-2026-9543
Affected Software: Totolink N300RH
Affected Versions: Totolink N300RH 6.1c.1353_B20190305
Vulnerability: The
setPasswordCfgfunction within/cgi-bin/cstecgi.cgiimproperly sanitizes theadmpassargument, allowing a remote attacker to inject and execute arbitrary OS commands.Business Impact
This vulnerability provides an attacker with full control over the affected router. With a CVSS score of 9.8, this could lead to the interception of network traffic, redirection of DNS, or the device being utilized as a pivot point for further attacks on the internal network.
Remediation Plan
Immediate Action: Update the device firmware to the latest available version provided by Totolink.
Proactive Monitoring: Monitor the device for unusual configuration changes and audit network traffic originating from the router for signs of compromise.
Compensating Controls: Disable remote access to the Web Management Interface and ensure the device is not accessible from the public internet.
Exploitation Status
Public Exploit Available: True
Analyst Notes: As of May 26, 2026, the exploit has been disclosed publicly. Given the availability of the exploit, the risk of active exploitation is significant.
Analyst Recommendation
Owners of Totolink N300RH devices should update their firmware immediately. If no firmware update is available for a specific version, the device should be taken offline or have its management interface restricted from external access to prevent exploitation.