4 matches found
CVE-2026-7538
Totolink A8000RU 7.1cu.643_b20200521 is affected by a CGI vulnerability in /cgi-bin/cstecgi.cgi where the proto parameter can be manipulated to trigger OS command injection. The issue allows remote exploitation and the exploit is publicly available. Affected component: CGI Handler (function Vulne...
TOTOLINK A3300R user parameter command injection vulnerability
TOTOLINK A3300R is a wireless router from China's Gion Electronics TOTOLINK. A command injection vulnerability exists in the TOTOLINK A3300R user parameter, which originates from the failure of the user parameter in cstecgi.cgi to properly filter special characters, and can be exploited by an...
The vulnerability of the /cgi-bin/cstecgi.cgi file, a microprogramming system for the TOTOLink T6 mesh system, allows a perpetrator to increase their privileges.
The vulnerability of the /cgi-bin/cstecgi.cgi file of the mesh-system software TOTOLink T6 is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to enhance their privileges remotely...
The vulnerability of the /cgi-bin/cstecgi.cgi file, a microprogramming software for the Totolink T8 router, allows a hacker to disclose protected information.
The vulnerability of the /cgi-bin/cstecgi.cgi file, a microprogramming system for the Totolink T8 router, is related to an incorrect session duration. Exploiting this vulnerability can allow a malicious actor to disclose protected information...