TOTOLINK X18 V9.1.0cu.2024_B20220329 exists to contain a command injection vulnerability via the pid parameter in the disconnectVPN function.
totolink x18_firmware 9.1.0cu.2024_b20220329