HarborGuard / CVE
Back to search
CRITICALCVE-2026-1723Published Modified CNA palo_alto

CVE-2026-1723: TOTOLINK X6000R Unauthenticated Command Injection Vulnerability

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in TOTOLINK X6000R allows OS Command Injection.This issue affects X6000R: through V9.4.0cu.1498_B20250826.

Metrics

CVSS v4.0
9.2
Severity
CRITICAL
Fixed in
Affected Products
1
Affected packages
  • TOTOLINK / X6000R
    ≤ V9.4.0cu.1498_B20250826
CVSS Vector
CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:H/VA:H/SC:H/SI:H/SA:H
References