TOTOLINK Devices Exposed to Least Privilege Violations
CVE-2026-15271
7.7HIGH
What is CVE-2026-15271?
A vulnerability exists in the web interface of various TOTOLINK devices due to misconfiguration of the /etc/boa/boa.conf file. This security flaw may allow an attacker to exploit least privilege violations through remote access, potentially compromising sensitive configurations. The complexity of executing an attack is considered high, making exploitation challenging but not impossible. Users are encouraged to review their device settings and apply updates to mitigate potential risks.
Affected Version(s)
A3000RU 20260906
A3100R 20260906
A950RG 20260906
