CVE-2026-5030 in Totolink NR1800X
Zusammenfassung (Englisch)
A vulnerability has been found in Totolink NR1800X 9.1.0u.6279_B20210910. This issue affects the function NTPSyncWithHost of the file /cgi-bin/cstecgi.cgi of the component Telnet Service. The manipulation of the argument host_time leads to command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Veröffentlichung
29.03.2026
Einträge
| ID | Schwachstelle | CWE | Base | Temp | 0day | Heute | Aus | KEV | EPSS | CTI | Mas | CVE |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 353952 | Totolink NR1800X Telnet Service cstecgi.cgi NTPSyncWithHost erweiterte Rechte | 77 | 6.3 | 5.7 | $0-$5k | $0-$5k | Proof-of-Concept | 0.02949 | 2.25 | Nicht definiert | CVE-2026-5030 |