{"uuid": "bdcea061-7f76-427b-9016-84ea648f2984", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-9405", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116633333205979935", "content": "\ud83d\udea8 CVE-2026-9405: CRITICAL OS command injection in Totolink A8000RU (v7.1cu.643_b20200521). No auth needed \u2014 attackers can run remote commands. No patch yet. Restrict web UI access & monitor devices. https://radar.offseq.com/threat/cve-2026-9405-os-command-injection-in-totolink-a80-21e44130 #OffSeq #CVE20269405 #RouterSecurity #Infosec", "creation_timestamp": "2026-05-25T04:30:29.716341Z"}