Lucene search
K

255 matches found

EUVD
EUVD
added 2026/05/01 1:30 a.m.7 views

EUVD-2026-26470

A vulnerability was identified in Totolink A8000RU 7.1cu.643b20200521. This issue affects the function Vulnerability of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument proto leads to os command injection. The attack may be initiated remotely. The explo...

10CVSS8.3AI score0.01823EPSS
Exploits0References5
CVE
CVE
added 2026/05/01 1:30 a.m.12 views

CVE-2026-7538

Totolink A8000RU 7.1cu.643_b20200521 is affected by a CGI vulnerability in /cgi-bin/cstecgi.cgi where the proto parameter can be manipulated to trigger OS command injection. The issue allows remote exploitation and the exploit is publicly available. Affected component: CGI Handler (function Vulne...

10CVSS8.3AI score0.01823EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/05/01 12:0 a.m.8 views

PT-2026-36294

A vulnerability was detected in Totolink NR1800X 9.1.0u.6279 B20210910. This affects the function sub 41A68C of the file /cgi-bin/cstecgi.cgi. Performing a manipulation of the argument setUssd results in command injection. The attack is possible to be carried out remotely. The exploit is now publ...

9CVSS7.1AI score0.01485EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/04/30 9:45 p.m.3 views

CVE-2026-7503 code-projects for Plugin cstecgi.cgi setWiFiMultipleConfig buffer overflow

A vulnerability was detected in code-projects for Plugin 4.1.2cu.5137. The impacted element is the function setWiFiMultipleConfig in the library /lib/cstemodules/wireless.so of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument wepkey2 results in buffer overflow. The attack can be...

9CVSS7.8AI score0.00447EPSS
Exploits0References5
NVD
NVD
added 2026/04/28 9:16 a.m.5 views

CVE-2026-7241

A vulnerability was found in Totolink A8000RU 7.1cu.643b20200521. This issue affects the function setWiFiBasicCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Performing a manipulation of the argument wifiOff results in os command injection. The attack is possible to be carried...

10CVSS0.02448EPSS
Exploits0References5
NVD
NVD
added 2026/04/28 9:16 a.m.6 views

CVE-2026-7242

A vulnerability was determined in Totolink A8000RU 7.1cu.643b20200521. Impacted is the function setOpenVpnClientCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Executing a manipulation of the argument enabled can lead to os command injection. The attack may be performed from...

10CVSS0.02452EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/04/28 7:45 a.m.5 views

CVE-2026-7242 Totolink A8000RU CGI cstecgi.cgi setOpenVpnClientCfg os command injection

A vulnerability was determined in Totolink A8000RU 7.1cu.643b20200521. Impacted is the function setOpenVpnClientCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Executing a manipulation of the argument enabled can lead to os command injection. The attack may be performed from...

10CVSS8.2AI score0.02452EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/04/28 7:45 a.m.5 views

CVE-2026-7242

A vulnerability was determined in Totolink A8000RU 7.1cu.643b20200521. Impacted is the function setOpenVpnClientCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Executing a manipulation of the argument enabled can lead to os command injection. The attack may be performed from...

10CVSS5.2AI score0.02452EPSS
Exploits0References5Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/04/28 7:30 a.m.5 views

CVE-2026-7241

A vulnerability was found in Totolink A8000RU 7.1cu.643b20200521. This issue affects the function setWiFiBasicCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Performing a manipulation of the argument wifiOff results in os command injection. The attack is possible to be carried...

10CVSS5.2AI score0.02448EPSS
Exploits0References5Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/04/28 7:15 a.m.6 views

CVE-2026-7240

A vulnerability has been found in Totolink A8000RU 7.1cu.643b20200521. This vulnerability affects the function setVpnAccountCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument User leads to os command injection. The attack can be executed remotely...

10CVSS5.3AI score0.02426EPSS
Exploits0References5Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/04/28 12:15 a.m.3 views

CVE-2026-7204

A vulnerability was determined in Totolink A8000RU 7.1cu.643b20200521. This issue affects the function setPptpServerCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. This manipulation of the argument enable causes os command injection. The attack may be initiated remotely. The...

10CVSS8.3AI score0.02448EPSS
Exploits0References5Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/04/28 12:0 a.m.4 views

CVE-2026-7203

A vulnerability was found in Totolink A8000RU 7.1cu.643b20200521. This vulnerability affects the function setUrlFilterRules of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument enable results in os command injection. The attack can be launched remotely...

10CVSS8.2AI score0.02448EPSS
Exploits0References5Affected Software1
Vulnrichment
Vulnrichment
added 2026/04/28 12:0 a.m.3 views

CVE-2026-7203 Totolink A8000RU CGI cstecgi.cgi setUrlFilterRules os command injection

A vulnerability was found in Totolink A8000RU 7.1cu.643b20200521. This vulnerability affects the function setUrlFilterRules of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument enable results in os command injection. The attack can be launched remotely...

10CVSS8.2AI score0.02448EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/04/28 12:0 a.m.5 views

PT-2026-35573

A vulnerability was determined in Totolink A8000RU 7.1cu.643 b20200521. This issue affects the function setPptpServerCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. This manipulation of the argument enable causes os command injection. The attack may be initiated remotely. The...

10CVSS5.2AI score0.02448EPSS
Exploits0References9
CNNVD
CNNVD
added 2026/04/28 12:0 a.m.9 views

TOTOLINK A8000RU 命令注入漏洞

TOTOLINK A8000RU is a wireless router produced by TOTOLINK, a Chinese company. The TOTOLINK A8000RU 7.1cu.643b20200521 version contains a command injection vulnerability. This vulnerability stems from the setOpenVpnClientCfg function in the CGI Handler component, specifically the handling of the...

10CVSS7.3AI score0.02452EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/28 12:0 a.m.7 views

PT-2026-35691

A vulnerability was determined in Totolink A8000RU 7.1cu.643 b20200521. Impacted is the function setOpenVpnClientCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Executing a manipulation of the argument enabled can lead to os command injection. The attack may be performed from...

10CVSS8.2AI score0.02452EPSS
Exploits0References8
EUVD
EUVD
added 2026/04/27 11:45 p.m.7 views

EUVD-2026-25959

A vulnerability has been found in Totolink A8000RU 7.1cu.643b20200521. This affects the function setWiFiWpsStart of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument wscDisabled leads to os command injection. The attack can be initiated remotely. The...

10CVSS8.1AI score0.02448EPSS
Exploits0References5
CVE
CVE
added 2026/04/27 11:45 p.m.13 views

CVE-2026-7202

The CVE concerns Totolink A8000RU (firmware 7.1cu.643_b20200521). It affects the CGI Handler’s file /cgi-bin/cstecgi.cgi, in the function setWiFiWpsStart, where manipulating the argument wscDisabled enables OS command injection. Impact is high on confidentiality, integrity, and availability (per ...

10CVSS8.1AI score0.02448EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/04/27 8:30 p.m.27 views

CVE-2026-7156 Totolink A8000RU CGI cstecgi.cgi CsteSystem os command injection

A vulnerability was detected in Totolink A8000RU 7.1cu.643b20200521. Affected is the function CsteSystem of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument HTTP results in os command injection. The attack may be launched remotely. The exploit is now...

10CVSS0.01785EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/04/27 8:30 p.m.5 views

CVE-2026-7156 Totolink A8000RU CGI cstecgi.cgi CsteSystem os command injection

A vulnerability was detected in Totolink A8000RU 7.1cu.643b20200521. Affected is the function CsteSystem of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument HTTP results in os command injection. The attack may be launched remotely. The exploit is now...

10CVSS8.3AI score0.01785EPSS
Exploits0References5
Rows per page
Query Builder