PT-2026-56891 · Totolink · X5000R

Fuhanhan2014

·

Published

2026-07-09

·

Updated

2026-07-09

·

CVE-2026-15204

CVSS v2.0

4.3

Medium

VectorAV:N/AC:M/Au:N/C:P/I:N/A:N
A vulnerability was detected in TOTOLINK X5000R 9.1.0cu.2415 B20250515/9.1.0cu.2350 B20230313. Affected by this vulnerability is the function exportOvpn of the file /web/cgi-bin/cstecgi.cgi of the component OpenVPN Export. The manipulation results in path traversal. The attack may be launched remotely.

Exploit

Fix

Path traversal

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2026-15204

Affected Products

X5000R