Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

49 matches found

CVE
CVEadded 2026/04/27 8:30 p.m.5 views

CVE-2026-7156

Totolink A8000RU is affected by CVE-2026-7156 due to a vulnerability in the CGI Handler’s CsteSystem function (file /cgi-bin/cstecgi.cgi). The manipulation of the HTTP argument enables an OS command injection, with network remote exploitation possible. Public proof-of-concept exploit exists. No r...

10CVSS8.3AI score0.01221EPSS
Exploits0References5
ATTACKERKB
ATTACKERKBadded 2026/04/27 8:30 p.m.1 views

CVE-2026-7156

A vulnerability was detected in Totolink A8000RU 7.1cu.643b20200521. Affected is the function CsteSystem of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument HTTP results in os command injection. The attack may be launched remotely. The exploit is now...

10CVSS8.4AI score0.01221EPSS
Exploits0References5Affected Software1
Cvelist
Cvelistadded 2026/04/27 8:30 p.m.23 views

CVE-2026-7156 Totolink A8000RU CGI cstecgi.cgi CsteSystem os command injection

A vulnerability was detected in Totolink A8000RU 7.1cu.643b20200521. Affected is the function CsteSystem of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument HTTP results in os command injection. The attack may be launched remotely. The exploit is now...

10CVSS0.01221EPSS
Exploits0References5
Vulnrichment
Vulnrichmentadded 2026/04/27 8:30 p.m.1 views

CVE-2026-7156 Totolink A8000RU CGI cstecgi.cgi CsteSystem os command injection

A vulnerability was detected in Totolink A8000RU 7.1cu.643b20200521. Affected is the function CsteSystem of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument HTTP results in os command injection. The attack may be launched remotely. The exploit is now...

10CVSS8.3AI score0.01221EPSS
Exploits0References5
NVD
NVDadded 2026/04/27 5:16 p.m.0 views

CVE-2026-7140

A vulnerability has been found in Totolink A8000RU 7.1cu.643b20200521. Impacted is the function CsteSystem of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument HTTP leads to os command injection. The attack may be performed from remote. The exploit has...

10CVSS0.01221EPSS
Exploits0References5
EUVD
EUVDadded 2026/04/27 4:30 p.m.1 views

EUVD-2026-25879

A vulnerability has been found in Totolink A8000RU 7.1cu.643b20200521. Impacted is the function CsteSystem of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument HTTP leads to os command injection. The attack may be performed from remote. The exploit has...

10CVSS8AI score0.01221EPSS
Exploits0References5
Cvelist
Cvelistadded 2026/04/27 4:30 p.m.22 views

CVE-2026-7140 Totolink A8000RU CGI cstecgi.cgi CsteSystem os command injection

A vulnerability has been found in Totolink A8000RU 7.1cu.643b20200521. Impacted is the function CsteSystem of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument HTTP leads to os command injection. The attack may be performed from remote. The exploit has...

10CVSS0.01221EPSS
Exploits0References5
CVE
CVEadded 2026/04/27 4:30 p.m.3 views

CVE-2026-7140

The CVE-2026-7140 entry concerns Totolink A8000RU (firmware 7.1cu.643_b20200521). The vulnerability resides in CsteSystem within /cgi-bin/cstecgi.cgi of the CGI Handler, enabling an os command injection via manipulation of an HTTP argument. Impact vectors indicate remote exploitation with high co...

10CVSS8.1AI score0.01221EPSS
Exploits0References5
CNNVD
CNNVDadded 2026/04/27 12:0 a.m.1 views

TOTOLINK A8000RU 命令注入漏洞

The TOTOLINK A8000RU is a wireless router produced by TOTOLINK, a Chinese company. The Totolink A8000RU 7.1cu.643b20200521 version has a command injection vulnerability. This vulnerability stems from the function CsteSystem in the cgi-bin/cstecgi.cgi file, which handles CGI commands. The operatio...

10CVSS7.3AI score0.01221EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/04/07 11:1 p.m.1 views

CVE-2026-5677

A security flaw has been discovered in Totolink A7100RU 7.4cu.2313b20191024. Impacted is the function CsteSystem of the file /cgi-bin/cstecgi.cgi. Performing a manipulation of the argument resetFlags results in os command injection. The attack may be initiated remotely. The exploit has been...

7.5CVSS6.8AI score0.04736EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/04/06 6:30 p.m.16 views

CVE-2026-5677 Totolink A7100RU cstecgi.cgi CsteSystem os command injection

A security flaw has been discovered in Totolink A7100RU 7.4cu.2313b20191024. Impacted is the function CsteSystem of the file /cgi-bin/cstecgi.cgi. Performing a manipulation of the argument resetFlags results in os command injection. The attack may be initiated remotely. The exploit has been...

7.5CVSS0.04736EPSS
Exploits0References5
CVE
CVEadded 2026/04/06 6:30 p.m.8 views

CVE-2026-5677

Totolink A7100RU 7.4cu.2313_b20191024 is affected by CVE-2026-5677. The vulnerability lies in the CsteSystem function in /cgi-bin/cstecgi.cgi, where manipulating the resetFlags argument enables OS command injection. The attack is remote and has publicly available exploit code. No remediation deta...

7.5CVSS6.8AI score0.04736EPSS
Exploits0References5
Vulnrichment
Vulnrichmentadded 2026/04/06 6:30 p.m.0 views

CVE-2026-5677 Totolink A7100RU cstecgi.cgi CsteSystem os command injection

A security flaw has been discovered in Totolink A7100RU 7.4cu.2313b20191024. Impacted is the function CsteSystem of the file /cgi-bin/cstecgi.cgi. Performing a manipulation of the argument resetFlags results in os command injection. The attack may be initiated remotely. The exploit has been...

7.5CVSS5.7AI score0.04736EPSS
Exploits0References5
NVD
NVDadded 2026/02/23 8:28 p.m.4 views

CVE-2025-70329

TOTOLink X5000R v9.1.0cu2415B20250515 contains an OS command injection vulnerability in the setIptvCfg handler of the /usr/sbin/lighttpd executable. The vlanVidLan1 and other vlanVidLanX parameters are retrieved via UciGetStr and passed to the CsteSystem function without adequate validation or...

8CVSS0.00934EPSS
Exploits1References2
RedhatCVE
RedhatCVEadded 2026/01/09 10:55 a.m.1 views

CVE-2022-38308

TOTOLink A700RU V7.4cu.2313B20191024 was discovered to contain a command injection vulnerability via the lang parameter in the function cstesystem. This vulnerability allows attackers to execute arbitrary commands via a crafted payload...

9.8CVSS8.6AI score0.24521EPSS
Exploits1References1
EUVD
EUVDadded 2025/10/03 8:7 p.m.2 views

EUVD-2023-52838

Malicious code in bioql PyPI...

9.8CVSS9.4AI score0.00349EPSS
Exploits1References1
EUVD
EUVDadded 2025/10/03 8:7 p.m.1 views

EUVD-2023-52834

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.00349EPSS
Exploits1References1
EUVD
EUVDadded 2025/10/03 8:7 p.m.2 views

EUVD-2023-52842

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.00349EPSS
Exploits1References1
EUVD
EUVDadded 2025/10/03 8:7 p.m.1 views

EUVD-2023-52843

Malicious code in bioql PyPI...

9.8CVSS9.4AI score0.00349EPSS
Exploits1References1
NVD
NVDadded 2023/12/04 1:15 p.m.14 views

CVE-2023-48800

In TOTOLINK X6000RFirmware V9.4.0cu.852B20230719, the shttpd file sub417338 function obtains fields from the front-end, connects them through the snprintf function, and passes them to the CsteSystem function, resulting in a command execution vulnerability...

9.8CVSS0.00711EPSS
Exploits1References2
Rows per page
Query Builder