A vulnerability classified as critical has been found in Totolink CA750-PoE 6.2c.510 . This vulnerability affects the function setPasswordCfg of the file /cgi-bin/cstecgi.cgi of the component Setting Handler . Performing a manipulation of the argument admuser/admpass results in os command injection. This vulnerability is identified as CVE-2026-9512 . The attack can be initiated remotely. Additionally, an exploit exists.