A vulnerability, which was classified as critical , has been found in Totolink A8000RU 7.1cu.643_b20200521 . The affected element is the function setQosCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface . Performing a manipulation of the argument enable results in os command injection. This vulnerability is known as CVE-2026-9435 . Remote exploitation of the attack is possible. Furthermore, an exploit is available.