Totolink Ca750 Poe
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Totolink Ca750 Poe.
By the Year
In 2026 there have been 9 vulnerabilities in Totolink Ca750 Poe with an average score of 6.3 out of ten.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 9 | 6.30 |
It may take a day or so for new Ca750 Poe vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Totolink Ca750 Poe Security Vulnerabilities
Totolink CA750-PoE: OS Command Injection (v6.2c.510)
CVE-2026-9534
6.3 - Medium
- May 26, 2026
A flaw has been found in Totolink CA750-PoE 6.2c.510. This affects the function setWiFiWpsConfig of the file /cgi-bin/cstecgi.cgi of the component Setting Handler. Executing a manipulation of the argument PIN can lead to os command injection. It is possible to launch the attack remotely. The exploit has been published and may be used.
Shell injection
Totolink CA750-PoE 6.2c.510 Setting Handler RCE via OS Command Injection
CVE-2026-9533
6.3 - Medium
- May 26, 2026
A vulnerability was detected in Totolink CA750-PoE 6.2c.510. The impacted element is the function recvUpgradeNewFw of the file /cgi-bin/cstecgi.cgi of the component Setting Handler. Performing a manipulation of the argument fwUrl/magicid results in os command injection. It is possible to initiate the attack remotely. The exploit is now public and may be used.
Shell injection
Totolink CA750-PoE 6.2c.510 OS Command Injection via setUploadUserData (remote)
CVE-2026-9532
6.3 - Medium
- May 26, 2026
A security vulnerability has been detected in Totolink CA750-PoE 6.2c.510. The affected element is the function setUploadUserData of the file /cgi-bin/cstecgi.cgi of the component Setting Handler. Such manipulation of the argument FileName leads to os command injection. The attack may be performed from remote. The exploit has been disclosed publicly and may be used.
Shell injection
OS Command Injection in Totolink CA750-PoE 6.2c.510 setUpgradeUboot
CVE-2026-9531
6.3 - Medium
- May 26, 2026
A weakness has been identified in Totolink CA750-PoE 6.2c.510. Impacted is the function setUpgradeUboot of the file /cgi-bin/cstecgi.cgi of the component Setting Handler. This manipulation of the argument FileName causes os command injection. The attack is possible to be carried out remotely. The exploit has been made available to the public and could be used for attacks.
Shell injection
OS Command Injection in Totolink CA750-PoE 6.2c.510 Setting Handler
CVE-2026-9515
6.3 - Medium
- May 25, 2026
A vulnerability was detected in Totolink CA750-PoE 6.2c.510. The affected element is the function setUnloadUserData of the file /cgi-bin/cstecgi.cgi of the component Setting Handler. The manipulation of the argument plugin_version results in os command injection. The attack may be launched remotely. The exploit is now public and may be used.
Shell injection
Totolink CA750-PoE 6.2c.510 OS Command Injection in Setting Handler CGI
CVE-2026-9514
6.3 - Medium
- May 25, 2026
A security vulnerability has been detected in Totolink CA750-PoE 6.2c.510. Impacted is the function setNetworkDiag of the file /cgi-bin/cstecgi.cgi of the component Setting Handler. The manipulation of the argument NetDiagHost/NetDiagPingNum/NetDiagPingSize/NetDiagPingTimeOut/NetDiagTracertHop is directly passed by the attacker/so we can control the NetDiagHost/NetDiagPingNum/NetDiagPingSize/NetDiagPingTimeOut/NetDiagTracertHop leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed publicly and may be used.
Shell injection
Command Injection via NTPSyncWithHost on Totolink CA750-PoE 6.2c.510
CVE-2026-9513
6.3 - Medium
- May 25, 2026
A weakness has been identified in Totolink CA750-PoE 6.2c.510. This issue affects the function NTPSyncWithHost of the file /cgi-bin/cstecgi.cgi of the component Setting Handler. Executing a manipulation of the argument host_time can lead to os command injection. The attack can be launched remotely. The exploit has been made available to the public and could be used for attacks.
Shell injection
Totolink CA750-PoE 6.2c.510: Remote OS Command Injection in setPasswordCfg
CVE-2026-9512
6.3 - Medium
- May 25, 2026
A security flaw has been discovered in Totolink CA750-PoE 6.2c.510. This vulnerability affects the function setPasswordCfg of the file /cgi-bin/cstecgi.cgi of the component Setting Handler. Performing a manipulation of the argument admuser/admpass results in os command injection. The attack can be initiated remotely. The exploit has been released to the public and may be used for attacks.
Shell injection
OS Command Injection in Totolink CA750-PoE 6.2c.510 Setting Handler
CVE-2026-9511
6.3 - Medium
- May 25, 2026
A vulnerability was identified in Totolink CA750-PoE 6.2c.510. This affects the function setWebWlanIdx of the file /cgi-bin/cstecgi.cgi of the component Setting Handler. Such manipulation of the argument webWlanIdx leads to os command injection. It is possible to launch the attack remotely. The exploit is publicly available and might be used.
Shell injection
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Totolink Ca750 Poe or by Totolink? Click the Watch button to subscribe.
