CNNVD-202601-3820 Information

CNNVD ID

CNNVD-202601-3820

Related CVE

CVE-2026-1327

• CNNVD Published: 2026-01-22

Description (Chinese)

TOTOLINK NR1800X是中国吉翁电子（TOTOLINK）公司的一款出色的 5G NR 室内Wi-Fi和SIP CPE。旨在为家庭和办公室提供快速便捷的 NR 固定数据服务部署。 TOTOLINK NR1800X 9.1.0u.6279_B20210910版本存在命令注入漏洞，该漏洞源于对文件/cgi-bin/cstecgi.cgi中参数command的错误操作，可能导致命令注入。

Description (English)

TOTOLINK NR1800X is an excellent 5G NR indoor Wi-Fi and SIP CPE company in China. TOTOLINK NR1800X 9.1.0u.6279 B20210910 has a command-injecting loophole, which stems from an error in the comand parameter in document/cgi-bin/cstecgi.cgi, which may lead to the command-injection.

Hazard Level

High

Vulnerability Type

命令注入

Affected Vendor

吉翁电子

Published

2026-01-22

Last Modified

2026-02-24

References

https://lavender-bicycle-a5a.notion.site/TOTOLINK-NR1800X-setTracerouteCfg-2e453a41781f80df8ef9d32983758502?source=copy_link https://vuldb.com/?ctiid.342303 https://vuldb.com/?id.342303 https://vuldb.com/?submit.735790 https://www.totolink.net/