Skip to main content

TOTOLINK X6000R CVE-2026-1723

OS Command Injection (CWE-78)
2026-01-30 psirt@paloaltonetworks.com

Lifecycle Timeline

2
Analysis Generated
Mar 12, 2026 - 22:00 vuln.today
CVE Published
Jan 30, 2026 - 21:15 nvd
N/A

DescriptionCVE.org

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in TOTOLINK X6000R allows OS Command Injection.This issue affects X6000R: through V9.4.0cu.1498_B20250826.

Analysis

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in TOTOLINK X6000R allows OS Command Injection.This issue affects X6000R: through V9.4.0cu.1498_B20250826.

Technical ContextAI

Classified as CWE-78 (OS Command Injection). Affects TOTOLINK X6000R. Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in TOTOLINK X6000R allows OS Command Injection.This issue affects X6000R: through V9.4.0cu.1498_B20250826.

Affected ProductsAI

Product: TOTOLINK X6000R.

RemediationAI

Monitor vendor advisories for a patch.

Share

CVE-2026-1723 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy