CVE-2026-15204
Severity CVSS v4.0:
MEDIUM
Type:
CWE-22
Path Traversal
Publication date:
09/07/2026
Last modified:
09/07/2026
Description
A vulnerability was detected in TOTOLINK X5000R 9.1.0cu.2415_B20250515/9.1.0cu.2350_B20230313. Affected by this vulnerability is the function exportOvpn of the file /web/cgi-bin/cstecgi.cgi of the component OpenVPN Export. The manipulation results in path traversal. The attack may be launched remotely.
Impact
Base Score 4.0
5.50
Severity 4.0
MEDIUM
Base Score 3.x
5.30
Severity 3.x
MEDIUM
Base Score 2.0
4.30
Severity 2.0
MEDIUM



