Lucene search
K

4 matches found

CVE
CVE
added 2026/05/01 1:30 a.m.12 views

CVE-2026-7538

Totolink A8000RU 7.1cu.643_b20200521 is affected by a CGI vulnerability in /cgi-bin/cstecgi.cgi where the proto parameter can be manipulated to trigger OS command injection. The issue allows remote exploitation and the exploit is publicly available. Affected component: CGI Handler (function Vulne...

10CVSS8.3AI score0.01823EPSS
Exploits0References5
CNVD
CNVD
added 2026/04/24 12:0 a.m.9 views

TOTOLINK A3300R user parameter command injection vulnerability

TOTOLINK A3300R is a wireless router from China's Gion Electronics TOTOLINK. A command injection vulnerability exists in the TOTOLINK A3300R user parameter, which originates from the failure of the user parameter in cstecgi.cgi to properly filter special characters, and can be exploited by an...

6.5CVSS6AI score0.00279EPSS
Exploits1
BDU FSTEC
BDU FSTEC
added 2024/02/12 12:0 a.m.5 views

The vulnerability of the /cgi-bin/cstecgi.cgi file, a microprogramming system for the TOTOLink T6 mesh system, allows a perpetrator to increase their privileges.

The vulnerability of the /cgi-bin/cstecgi.cgi file of the mesh-system software TOTOLink T6 is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to enhance their privileges remotely...

6.5CVSS6AI score0.00644EPSS
Exploits1References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/01/31 12:0 a.m.7 views

The vulnerability of the /cgi-bin/cstecgi.cgi file, a microprogramming software for the Totolink T8 router, allows a hacker to disclose protected information.

The vulnerability of the /cgi-bin/cstecgi.cgi file, a microprogramming system for the Totolink T8 router, is related to an incorrect session duration. Exploiting this vulnerability can allow a malicious actor to disclose protected information...

3.7CVSS5.8AI score0.0153EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder