CVE-2026-4611
published 2026-03-23CVE-2026-4611: A flaw has been found in TOTOLINK X6000R 9.4.0cu.1360_B20241207/9.4.0cu.1498_B20250826. Affected by this issue is the function setLanCfg of the file…
high8.6CVSS 4.0
AVNACLATNPRHUINVCHVIHVAHSCNSINSANEXCRXIRXARXMAVXMACXMATXMPRXMUIXMVCXMVIXMVAXMSCXMSIXMSAXSXAUXRXVXREXUX
A flaw has been found in TOTOLINK X6000R 9.4.0cu.1360_B20241207/9.4.0cu.1498_B20250826. Affected by this issue is the function setLanCfg of the file /usr/sbin/shttpd. Executing a manipulation of the argument Hostname can lead to os command injection. The attack may be launched remotely.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| totolink | x6000r | — | — |
| totolink | x6000r | — | — |
| totolink | x6000r_firmware | — | — |
| totolink | x6000r_firmware | — | — |