Skip to content
Security Alerts

CVE-2026-36841: Command injection in TOTOLINK N200RE V5

TOTOLINK N200RE V5 was discovered to contain a command injection vulnerability via the macstr and bandstr parameters in the formMapDelDevice function.

Marcin Godula Marcin Godula

Summary

ParameterValue
CVE IDCVE-2026-36841
Alert SourceGitHub Advisory - Critical Vulnerability
CVE Publication Year2026
Date Published2026-04-29
VendorTOTOLINK
ProductN200RE
CVSS Score9.8 (critical)
EPSS ScoreNo data
CISA KEVNo
RansomwareNot confirmed

Vulnerability Description

TOTOLINK N200RE V5 was discovered to contain a command injection vulnerability via the macstr and bandstr parameters in the formMapDelDevice function.

Required Actions

Check TOTOLINK’s support site for a firmware fix and update the device without delay. Until a patch is available, disable WAN-side remote management and restrict admin panel access to trusted internal IPs only. Monitor logs for unusual requests targeting formMapDelDevice with suspicious macstr/bandstr values.

Who Is Affected?

This vulnerability affects N200RE by TOTOLINK. Check whether your organization uses this router and apply the required security actions.

Sources

Need help securing your systems? nFlo team offers vulnerability management and 24/7 SOC services. Contact us.

Learn More

Tags:

cve-2026-36841 critical totolink n200re vulnerability

Share:

Talk to an expert

Have questions about this topic? Get in touch with our specialist.

Sales Representative
Grzegorz Gnych

Grzegorz Gnych

Sales Representative

+48 664 003 003grzegorz.gnych@nflo.pl
Response within 24 hours
Free consultation
Individual approach

Providing your phone number will speed up contact.

Want to Reduce IT Risk and Costs?

Book a free consultation - we respond within 24h

Response in 24h Free quote No obligations
Book a Call +48 22 487 86 36

Or download free guide:

Download NIS2 Checklist