Skip to main content

Nr1800X CVE-2026-5030

| EUVDEUVD-2026-16971 LOW
Command Injection (CWE-77)
2026-03-29 VulDB
2.1
CVSS 4.0 · NVD

Severity by source

NVD PRIMARY
2.1 LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
X

Lifecycle Timeline

6
Severity Changed
Apr 29, 2026 - 01:11 NVD
MEDIUM LOW
CVSS changed
Apr 29, 2026 - 01:11 NVD
5.3 (MEDIUM) 2.1 (LOW)
PoC Detected
Mar 30, 2026 - 19:00 vuln.today
Public exploit code
EUVD ID Assigned
Mar 29, 2026 - 04:30 euvd
EUVD-2026-16971
Analysis Generated
Mar 29, 2026 - 04:30 vuln.today
CVE Published
Mar 29, 2026 - 03:30 nvd
MEDIUM 5.3

DescriptionCVE.org

A vulnerability has been found in Totolink NR1800X 9.1.0u.6279_B20210910. This issue affects the function NTPSyncWithHost of the file /cgi-bin/cstecgi.cgi of the component Telnet Service. The manipulation of the argument host_time leads to command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

AnalysisAI

Command injection in Totolink NR1800X firmware 9.1.0u.6279_B20210910 allows authenticated remote attackers to execute arbitrary commands via the host_time parameter in the NTPSyncWithHost function of /cgi-bin/cstecgi.cgi. The vulnerability has a CVSS score of 6.3 (medium severity) with publicly available exploit code, though it requires valid login credentials to exploit. Real-world risk is moderate given the authentication requirement and moderate EPSS probability (indicated by E:P in vector).

Technical ContextAI

The vulnerability exists in the Telnet Service component of Totolink NR1800X routers, specifically within the NTPSyncWithHost CGI function. The root cause is CWE-77 (Improper Neutralization of Special Elements used in a Command), meaning user-supplied input in the host_time parameter is passed unsanitized to a system command execution routine. The /cgi-bin/cstecgi.cgi endpoint processes this parameter without adequate input validation or escaping, allowing shell metacharacters to be injected. This is a classic command injection vulnerability affecting network device firmware where CGI scripts often have direct access to system shell execution functions.

RemediationAI

Primary remediation is to update Totolink NR1800X firmware to the latest available version released by the vendor after the vulnerability disclosure. Users should check https://www.totolink.net/ for official firmware updates. In the interim, mitigate by restricting network access to the router's management interface (CGI services), disable remote management/Telnet access if not required, and use strong, unique credentials for router administration. Monitor router logs for suspicious CGI requests to /cgi-bin/cstecgi.cgi with host_time parameter manipulation. If patch availability is uncertain, contact Totolink support directly for advisory and timeline.

Share

CVE-2026-5030 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy