{"uuid": "e9c1d88f-2bee-4bcf-85d5-1fcbe95d778e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-9435", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116634748548269306", "content": "\ud83d\udee1\ufe0f CVE-2026-9435: Critical OS command injection in Totolink A8000RU (fw 7.1cu.643_b20200521) allows unauthenticated remote code execution. No patch yet \u2014 restrict web UI & monitor advisories. Exploit is public! https://radar.offseq.com/threat/cve-2026-9435-os-command-injection-in-totolink-a80-a8a549f3 #OffSeq #CVE20269435 #IoTSecurity", "creation_timestamp": "2026-05-25T10:30:26.136836Z"}