PatchDay Alert

CVE

CVE-2026-7121

0field notes · 1digest CVSS 9.8

Daily digests

Same router, different function. The wizard configuration handler on the Totolink A8000RU also accepts unsanitized input, letting a remote attacker inject arbitrary OS commands. A public exploit is available. CVSS 9.8.

Get the digest

Free. Weekday mornings. Plain English CVE triage.

Check your inbox to confirm.