249 matches found
CVE-2026-7125
A vulnerability was identified in Totolink A8000RU 7.1cu.643b20200521. Affected by this issue is the function setWiFiEasyCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument merge leads to os command injection. The attack may be initiated remotely. T...
CVE-2026-7122
A vulnerability has been found in Totolink A8000RU 7.1cu.643b20200521. This impacts the function setUPnPCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument enable leads to os command injection. It is possible to launch the attack remotely. The...
TOTOLINK A8000RU 命令注入漏洞
The TOTOLINK A8000RU is a wireless router produced by TOTOLINK Corporation in China. The Totolink A8000RU 7.1cu.643b20200521 version contains a command injection vulnerability. This vulnerability stems from the setWizardCfg function in the CGI Handler component/cgi-bin/cstecgi.cgi file, which...
TOTOLINK A8000RU 命令注入漏洞
TOTOLINK A8000RU is a wireless router produced by TOTOLINK, a Chinese company. The TOTOLINK A8000RU 7.1cu.643b20200521 version contains a command injection vulnerability. This vulnerability stems from the function setDmzCfg in the CGI Handler component’s file/cgi-bin/cstecgi.cgi, which processes...
TOTOLINK A8000RU 命令注入漏洞
The TOTOLINK A8000RU is a wireless router produced by TOTOLINK Corporation. The Totolink A8000RU 7.1cu.643b20200521 version contains a command injection vulnerability. This vulnerability stems from the setIptvCfg function in the CGI Handler component/cgi-bin/cstecgi.cgi file, which allows for OS...
EUVD-2026-24051
UNSUPPORTED WHEN ASSIGNED An improper encoding or escaping vulnerability in the CGI program of Zyxel WRE6505 v2 firmware version V1.00ABDV.3C0 could allow an adjacent attacker on the WLAN to cause a denial-of-service DoS condition in the web management interface by convincing an authenticated...
EUVD-2026-21766
A vulnerability was found in Totolink A7100RU 7.4cu.2313b20191024. This impacts the function UploadFirmwareFile of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Performing a manipulation of the argument FileName results in os command injection. The attack may be initiated remotely...
TOTOLINK A7100RU 操作系统命令注入漏洞
The TOTOLINK A7100RU is a wireless router produced by TOTOLINK, a Chinese company. The TOTOLINK A7100RU 7.4cu.2313b20191024 version contains a vulnerability related to operating system command injection. This vulnerability stems from improper handling of the parameter “FileName” in the function...
TOTOLINK A7100RU 操作系统命令注入漏洞
The TOTOLINK A7100RU is a wireless router produced by TOTOLINK, a Chinese company. The TOTOLINK A7100RU 7.4cu.2313b20191024 version contains a vulnerability related to operating system command injection. This vulnerability arises from improper handling of the parameter “wizard” in the function...
CVE-2026-6113 Totolink A7100RU CGI cstecgi.cgi setTtyServiceCfg os command injection
A security vulnerability has been detected in Totolink A7100RU 7.4cu.2313b20191024. Affected by this vulnerability is the function setTtyServiceCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument ttyEnable leads to os command injection. The attack...
CVE-2026-5995
The CVE affects Totolink A7100RU (firmware 7.4cu.2313_b20191024). The vulnerable component is /cgi-bin/cstecgi.cgi, function setMiniuiHomeInfoShow, where manipulating the lan_info argument enables OS command injection. Impact is described as high for confidentiality, integrity, and availability, ...
Exploit for OS Command Injection in Php
CVE-2024-4577 Python Exploit Toolkit A Python toolkit for exp...
CVE-2026-4197
A vulnerability was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. Affected is the function...
CVE-2026-4468
A vulnerability was determined in Comfast CF-AC100 2.6.0.8. Affected is an unknown function of the file /cgi-bin/mbox-config?method=SET=updateinterfacepng. This manipulation causes command injection. The attack is possible to be carried out remotely. The exploit has been publicly disclosed and ma...
[SECURITY] Fedora 43 Update: python-multipart-1.3.1-1.fc43
This module provides a fast incremental non-blocking parser for multipart/form-data HTML5, RFC7578, as well as blocking alternatives for easier use in WSGI or CGI applications...
EUVD-2026-13598
A vulnerability was found in Yi Technology YI Home Camera 2 2.1.120171024151200. The impacted element is an unknown function of the file home/web/ipc of the component CGI Endpoint. Performing a manipulation results in missing authentication. Access to the local network is required for this attack...
Terrapack Arbitrary File Upload
Terrapack software suffers from an arbitrary file upload vulnerability that may allow attackers to execute arbitrary code. Affected software includes Terrapack TkWebCoreNG version 1.0.20200914, TKServerCGI version 2.5.4.150, and TpkWebGIS - Client version 1.0.0...
EUVD-2026-12275
A vulnerability was detected in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. Impacted is the function...
PT-2026-25589
A vulnerability was identified in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. Affected is the function cgi create...
tomcat: Apache Tomcat: Security constraint bypass for CGI scripts
A flaw was found in the CGI servlet component of Apache Tomcat. This vulnerability allows a security constraint bypass via improper handling of case sensitivity in the pathInfo component of a URI mapped to the CGI servlet...