CVE

CVE-2026-7243

0field notes · 1digest CVSS 9.8

Daily digests

Remote OS command injection in the Totolink A8000RU via the setRadvdCfg function's 'maxRtrAdvInterval' parameter. The exploit is public and CVSS is 9.8. An attacker who can reach the CGI handler can run arbitrary commands on the router as if they own it.

Daily Digest · Apr 28, 2026
5 router RCEs with public exploits, all CVSS 9.8

CVE-2026-7243

5 router RCEs with public exploits, all CVSS 9.8