Summary

| Parameter | Value |
|---|---|
| CVE ID | CVE-2026-7546 |
| Alert Source | GitHub Advisory - Critical Vulnerability |
| CVE Publication Year | 2026 |
| Date Published | 2026-05-01 |
| Vendor | Totolink |
| Product | NR1800X |
| CVSS Score | 9.8 (critical) |
| EPSS Score | No data |
| CISA KEV | No |
| Ransomware | Not confirmed |

Vulnerability Description

A security vulnerability has been detected in Totolink NR1800X 9.1.0u.6279_B20210910. The affected element is the function `find_host_ip` of the lighttpd component. Manipulating the argument `Host` leads to a stack-based buffer overflow. The attack can be executed remotely. The exploit has been disclosed publicly and may be used.

Required Actions

Update the firmware on Totolink NR1800X routers to the latest patched version immediately. Until the patch is deployed, disable web interface access from public networks and restrict access exclusively to trusted internal addresses. Monitor the device for unusual network traffic and unexpected reboots.

Who Is Affected?

This vulnerability affects the NR1800X by Totolink. Check whether your organization uses this router; if it does, update the firmware immediately and restrict management interface exposure.
