EIP-2026-101509

PRE-CVE

8 TOTOLINK Router Models - Backdoor Access / Remote Code Execution

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-101509. PoCs published by Pierre Kim.

AI-analyzed exploit summary This advisory details a backdoor and RCE vulnerability in multiple TOTOLINK router models, allowing attackers to open remote management interfaces and execute arbitrary commands via a hidden form.

Description

8 TOTOLINK Router Models - Backdoor Access / Remote Code Execution

Exploits (1)

exploitdb WRITEUP

by Pierre Kim · textwebappshardware

https://www.exploit-db.com/exploits/37626

View Code ZIP pw:eip

This advisory details a backdoor and RCE vulnerability in multiple TOTOLINK router models, allowing attackers to open remote management interfaces and execute arbitrary commands via a hidden form.

Classification

Writeup 100%

Attack Type

Rce | Auth Bypass

Complexity

Trivial

Reliability

Reliable

Target: TOTOLINK routers (A850R-V1, F1-V2, F2-V1, N150RT-V2, N151RT-V2, N300RH-V2, N300RH-V3, N300RT-V2)

No auth needed

Prerequisites: Network access to the target router · Knowledge of the router's WAN IP

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026