Lucene search
K

249 matches found

ATTACKERKB
ATTACKERKB
added 2026/04/27 12:45 p.m.5 views

CVE-2026-7125

A vulnerability was identified in Totolink A8000RU 7.1cu.643b20200521. Affected by this issue is the function setWiFiEasyCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument merge leads to os command injection. The attack may be initiated remotely. T...

10CVSS8.3AI score0.01766EPSS
Exploits0References5Affected Software1
NVD
NVD
added 2026/04/27 12:16 p.m.7 views

CVE-2026-7122

A vulnerability has been found in Totolink A8000RU 7.1cu.643b20200521. This impacts the function setUPnPCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument enable leads to os command injection. It is possible to launch the attack remotely. The...

10CVSS0.01766EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/04/27 12:0 a.m.13 views

TOTOLINK A8000RU 命令注入漏洞

The TOTOLINK A8000RU is a wireless router produced by TOTOLINK Corporation in China. The Totolink A8000RU 7.1cu.643b20200521 version contains a command injection vulnerability. This vulnerability stems from the setWizardCfg function in the CGI Handler component/cgi-bin/cstecgi.cgi file, which...

10CVSS7.3AI score0.01947EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/27 12:0 a.m.9 views

TOTOLINK A8000RU 命令注入漏洞

TOTOLINK A8000RU is a wireless router produced by TOTOLINK, a Chinese company. The TOTOLINK A8000RU 7.1cu.643b20200521 version contains a command injection vulnerability. This vulnerability stems from the function setDmzCfg in the CGI Handler component’s file/cgi-bin/cstecgi.cgi, which processes...

10CVSS7.3AI score0.01766EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/27 12:0 a.m.10 views

TOTOLINK A8000RU 命令注入漏洞

The TOTOLINK A8000RU is a wireless router produced by TOTOLINK Corporation. The Totolink A8000RU 7.1cu.643b20200521 version contains a command injection vulnerability. This vulnerability stems from the setIptvCfg function in the CGI Handler component/cgi-bin/cstecgi.cgi file, which allows for OS...

10CVSS7.3AI score0.01766EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/21 1:42 a.m.6 views

EUVD-2026-24051

UNSUPPORTED WHEN ASSIGNED An improper encoding or escaping vulnerability in the CGI program of Zyxel WRE6505 v2 firmware version V1.00ABDV.3C0 could allow an adjacent attacker on the WLAN to cause a denial-of-service DoS condition in the web management interface by convincing an authenticated...

4.5CVSS5.8AI score0.00182EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/13 3:30 a.m.8 views

EUVD-2026-21766

A vulnerability was found in Totolink A7100RU 7.4cu.2313b20191024. This impacts the function UploadFirmwareFile of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Performing a manipulation of the argument FileName results in os command injection. The attack may be initiated remotely...

10CVSS7AI score0.02199EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/04/13 12:0 a.m.9 views

TOTOLINK A7100RU 操作系统命令注入漏洞

The TOTOLINK A7100RU is a wireless router produced by TOTOLINK, a Chinese company. The TOTOLINK A7100RU 7.4cu.2313b20191024 version contains a vulnerability related to operating system command injection. This vulnerability stems from improper handling of the parameter “FileName” in the function...

10CVSS7.3AI score0.01823EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/04/13 12:0 a.m.6 views

TOTOLINK A7100RU 操作系统命令注入漏洞

The TOTOLINK A7100RU is a wireless router produced by TOTOLINK, a Chinese company. The TOTOLINK A7100RU 7.4cu.2313b20191024 version contains a vulnerability related to operating system command injection. This vulnerability arises from improper handling of the parameter “wizard” in the function...

10CVSS7.3AI score0.01823EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/04/12 3:0 a.m.37 views

CVE-2026-6113 Totolink A7100RU CGI cstecgi.cgi setTtyServiceCfg os command injection

A security vulnerability has been detected in Totolink A7100RU 7.4cu.2313b20191024. Affected by this vulnerability is the function setTtyServiceCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument ttyEnable leads to os command injection. The attack...

10CVSS0.01803EPSS
Exploits0References5
CVE
CVE
added 2026/04/10 12:45 a.m.13 views

CVE-2026-5995

The CVE affects Totolink A7100RU (firmware 7.4cu.2313_b20191024). The vulnerable component is /cgi-bin/cstecgi.cgi, function setMiniuiHomeInfoShow, where manipulating the lan_info argument enables OS command injection. Impact is described as high for confidentiality, integrity, and availability, ...

10CVSS6.9AI score0.01823EPSS
Exploits0References5
GithubExploit
GithubExploit
added 2026/04/03 5:15 p.m.214 views

Exploit for OS Command Injection in Php

CVE-2024-4577 Python Exploit Toolkit A Python toolkit for exp...

9.8CVSS6.5AI score0.99987EPSS
Exploits64
RedhatCVE
RedhatCVE
added 2026/03/26 3:15 p.m.7 views

CVE-2026-4197

A vulnerability was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. Affected is the function...

9.8CVSS6.2AI score0.16779EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:14 p.m.5 views

CVE-2026-4468

A vulnerability was determined in Comfast CF-AC100 2.6.0.8. Affected is an unknown function of the file /cgi-bin/mbox-config?method=SET=updateinterfacepng. This manipulation causes command injection. The attack is possible to be carried out remotely. The exploit has been publicly disclosed and ma...

5.8CVSS5.5AI score0.02097EPSS
Exploits0References1
Fedora
Fedora
added 2026/03/25 1:39 a.m.6 views

[SECURITY] Fedora 43 Update: python-multipart-1.3.1-1.fc43

This module provides a fast incremental non-blocking parser for multipart/form-data HTML5, RFC7578, as well as blocking alternatives for easier use in WSGI or CGI applications...

7.5CVSS5.9AI score0.00606EPSS
Exploits0
EUVD
EUVD
added 2026/03/20 9:32 a.m.5 views

EUVD-2026-13598

A vulnerability was found in Yi Technology YI Home Camera 2 2.1.120171024151200. The impacted element is an unknown function of the file home/web/ipc of the component CGI Endpoint. Performing a manipulation results in missing authentication. Access to the local network is required for this attack...

6.3CVSS6AI score0.00316EPSS
Exploits0References4
Packet Storm News
Packet Storm News
added 2026/03/17 12:0 a.m.7 views

Terrapack Arbitrary File Upload

Terrapack software suffers from an arbitrary file upload vulnerability that may allow attackers to execute arbitrary code. Affected software includes Terrapack TkWebCoreNG version 1.0.20200914, TKServerCGI version 2.5.4.150, and TpkWebGIS - Client version 1.0.0...

6AI score0.00384EPSS
Exploits0
EUVD
EUVD
added 2026/03/16 3:30 p.m.5 views

EUVD-2026-12275

A vulnerability was detected in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. Impacted is the function...

6.5CVSS5.6AI score0.03831EPSS
Exploits1References14
Positive Technologies
Positive Technologies
added 2026/03/16 12:0 a.m.6 views

PT-2026-25589

A vulnerability was identified in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. Affected is the function cgi create...

6.5CVSS5.5AI score0.04088EPSS
Exploits1References15
RedHat Linux
RedHat Linux
added 2026/02/16 6:57 p.m.4 views

tomcat: Apache Tomcat: Security constraint bypass for CGI scripts

A flaw was found in the CGI servlet component of Apache Tomcat. This vulnerability allows a security constraint bypass via improper handling of case sensitivity in the pathInfo component of a URI mapped to the CGI servlet...

7.3CVSS5.7AI score0.02736EPSS
Exploits1References5
Rows per page
Query Builder