{"vulnerability": "CVE-2026-9404", "sightings": [{"uuid": "3c80ddc7-6de5-4a44-98bc-20e69618b4b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-9404", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mmnsg7hw3k2f", "content": "Totolink A8000RU routers (7.1cu.643_b20200521) face CRITICAL OS command injection (CVSS 9.3). Exploit code is public \u2014 restrict web mgmt access & monitor for fixes. https://radar.offseq.com/threat/cve-2026-9404-os-command-injection-in-totolink-a80-e697767b #OffSeq #infosec #CVE20269404", "creation_timestamp": "2026-05-25T06:00:28.132234Z"}, {"uuid": "3cb80f95-8fe4-4935-b943-da66df76b6d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-9404", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116633686859071234", "content": "\ud83d\udea8 CRITICAL: Totolink A8000RU (7.1cu.643_b20200521) suffers OS command injection (CVE-2026-9404, CVSS 9.3). Exploit is public; no patch yet. Restrict web mgmt interface & watch for updates. https://radar.offseq.com/threat/cve-2026-9404-os-command-injection-in-totolink-a80-e697767b #OffSeq #infosec #CVE20269404 #routersecurity", "creation_timestamp": "2026-05-25T06:00:29.748940Z"}, {"uuid": "d5425508-ce66-4371-a339-69038678f70a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-9404", "type": "seen", "source": "https://bsky.app/profile/securitycyberuk.bsky.social/post/3motvic6kfw2b", "content": "\ud83d\udea8  ALERT: CVE-2026-9404\n\nCVSS 9.8/10\n\n\ud83d\udccb WHAT IT IS:\nA vulnerability was identified in Totolink A8000RU 7.1cu.643_b20200521. This affects the function setDdnsCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Such manipulation of the argument provider leads to os command ", "creation_timestamp": "2026-06-22T03:01:40.443219Z"}]}