CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedhatCVE•added 2026/04/15 1:22 a.m.•2 views

CVE-2026-6139

A vulnerability has been found in Totolink A7100RU 7.4cu.2313b20191024. This affects the function UploadOpenVpnCert of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument FileName leads to os command injection. The attack can be launched remotely. The...

CVE-2026-6155

A weakness has been identified in Totolink A7100RU 7.4cu.2313. The impacted element is the function setWanCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Executing a manipulation of the argument pppoeServiceName can lead to os command injection. The attack may be launched...

RedhatCVE•added 2026/04/14 7:22 p.m.•4 views

CVE-2026-6113

A security vulnerability has been detected in Totolink A7100RU 7.4cu.2313b20191024. Affected by this vulnerability is the function setTtyServiceCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument ttyEnable leads to os command injection. The attack...

RedhatCVE•added 2026/04/14 7:22 p.m.•1 views

CVE-2026-6114

A vulnerability was detected in Totolink A7100RU 7.4cu.2313b20191024. Affected by this issue is the function setNetworkCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Performing a manipulation of the argument proto results in os command injection. The attack may be initiated...

10CVSS7.1AI score0.01221EPSS

CVE-2026-6027

A weakness has been identified in Totolink A7100RU 7.4cu.2313b20191024. This issue affects the function setUrlFilterRules of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Executing a manipulation of the argument enable can lead to os command injection. The attack can be launched...

CVE-2026-5977

A weakness has been identified in Totolink A7100RU 7.4cu.2313b20191024. This impacts the function setWiFiBasicCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Executing a manipulation of the argument wifiOff can lead to os command injection. It is possible to launch the attack...

RedhatCVE•added 2026/04/14 7:22 p.m.•3 views

CVE-2026-5978

A security vulnerability has been detected in Totolink A7100RU 7.4cu.2313b20191024. Affected is the function setWiFiAclRules of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument mode leads to os command injection. The attack can be initiated remotely. Th...

10CVSS6.9AI score0.01221EPSS

CVE-2026-6131

A vulnerability was found in Totolink A7100RU 7.4cu.2313b20191024. Affected by this vulnerability is the function setTracerouteCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument command results in os command injection. The attack may be launched...

RedhatCVE•added 2026/04/14 7:22 p.m.•1 views

CVE-2026-5993

A vulnerability was identified in Totolink A7100RU 7.4cu.2313b20191024. This vulnerability affects the function setWiFiGuestCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument wifiOff leads to os command injection. The attack can be executed...

10CVSS7.1AI score0.01221EPSS

RedhatCVE•added 2026/04/14 7:22 a.m.•1 views

CVE-2026-5996

A security vulnerability has been detected in Totolink A7100RU 7.4cu.2313b20191024. The affected element is the function setAdvancedInfoShow of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument ttyserver leads to os command injection. It is possible to...

10CVSS5.5AI score0.01221EPSS

RedhatCVE•added 2026/04/14 1:22 a.m.•2 views

CVE-2026-5976

A security flaw has been discovered in Totolink A7100RU 7.4cu.2313b20191024. This affects the function setStorageCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Performing a manipulation of the argument sambaEnabled results in os command injection. It is possible to initiate th...

10CVSS5.6AI score0.01221EPSS

RedhatCVE•added 2026/04/14 1:22 a.m.•1 views

CVE-2026-5850

A vulnerability was identified in Totolink A7100RU 7.4cu.2313b20191024. This affects the function setVpnPassCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument pptpPassThru leads to os command injection. Remote exploitation of the attack is possible...

10CVSS5.6AI score0.00371EPSS

RedhatCVE•added 2026/04/13 7:23 p.m.•2 views

CVE-2026-6115

A flaw has been found in Totolink A7100RU 7.4cu.2313b20191024. This affects the function setAppCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Executing a manipulation of the argument enable can lead to os command injection. The attack may be launched remotely. The exploit has...

10CVSS5.5AI score0.01221EPSS

EUVD•added 2026/04/13 6:30 p.m.•2 views

EUVD-2026-22036

A security vulnerability has been detected in Totolink A7100RU 7.4cu.2313b20191024. Affected by this issue is the function setPasswordCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument admpass leads to os command injection. The attack can be...

10CVSS5.6AI score0.01235EPSS

Exploits0References6

NVD•added 2026/04/13 6:16 p.m.•3 views

CVE-2026-6195

10CVSS0.01235EPSS

ATTACKERKB•added 2026/04/13 5:30 p.m.•3 views

CVE-2026-6195

10CVSS5.6AI score0.01235EPSS

Exploits0References5Affected Software1

Vulnrichment•added 2026/04/13 5:30 p.m.•4 views

CVE-2026-6195 Totolink A7100RU CGI cstecgi.cgi setPasswordCfg os command injection

10CVSS5.6AI score0.01235EPSS

Cvelist•added 2026/04/13 5:30 p.m.•17 views

CVE-2026-6195 Totolink A7100RU CGI cstecgi.cgi setPasswordCfg os command injection

10CVSS0.01235EPSS

CVE•added 2026/04/13 5:30 p.m.•7 views

CVE-2026-6195

Totolink A7100RU (firmware 7.4cu.2313_b20191024) is affected by a vulnerability in CGI Handler’s /cgi-bin/cstecgi.cgi setPasswordCfg. Manipulating the admpass argument enables os command injection and can be exploited remotely. The exploit is publicly disclosed. No additional technical details (e...

10CVSS7AI score0.01235EPSS