CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CNNVD•added 2026/05/25 12:0 a.m.•5 views

TOTOLINK A8000RU 操作系统命令注入漏洞

The TOTOLINK A8000RU is a wireless router from China's Gion Electronics TOTOLINK. An OS command injection vulnerability exists in TOTOLINK A8000RU version 7.1cu.643b20200521, which originates from the parameter enable operation of the function setGameSpeedCfg in the Web Management Interface...

10CVSS7.3AI score0.01254EPSS

EUVD•added 2026/05/24 11:30 p.m.•9 views

EUVD-2026-31606

A weakness has been identified in Totolink A8000RU 7.1cu.643b20200521. Affected is the function setRemoteCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Executing a manipulation of the argument enable can lead to os command injection. The attack can be executed...

10CVSS7AI score0.01254EPSS

RedhatCVE•added 2026/04/29 2:48 p.m.•2 views

CVE-2026-7122

A vulnerability has been found in Totolink A8000RU 7.1cu.643b20200521. This impacts the function setUPnPCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument enable leads to os command injection. It is possible to launch the attack remotely. The...

10CVSS8.2AI score0.01221EPSS

Exploits0References1

CNNVD•added 2026/04/27 12:0 a.m.•5 views

TOTOLINK A8000RU 命令注入漏洞

The TOTOLINK A8000RU is a wireless router produced by TOTOLINK Corporation. The Totolink A8000RU 7.1cu.643b20200521 version contains a command injection vulnerability. This vulnerability stems from the setUPnPCfg function in the CGI Handler component/cgi-bin/cstecgi.cgi file, which processes the...

CNVD•added 2026/04/24 12:0 a.m.•4 views

Exploits0References2

TOTOLINK A3300R stunEnable Parameter Command Injection Vulnerability

The TOTOLINK A3300R is a wireless router from China's Gion Electronics TOTOLINK. A command injection vulnerability exists in the TOTOLINK A3300R stunEnable parameter, which stems from the cstecgi.cgi file failing to properly handle the stunEnable parameter and can be exploited by an attacker to...

9.8CVSS6AI score0.00612EPSS

Exploits1

Vulnrichment•added 2026/04/12 10:30 p.m.•1 views

CVE-2026-6132 Totolink A7100RU CGI cstecgi.cgi setLedCfg os command injection

A vulnerability was determined in Totolink A7100RU 7.4cu.2313b20191024. Affected by this issue is the function setLedCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. This manipulation of the argument enable causes os command injection. Remote exploitation of the attack is...

10CVSS5.5AI score0.00316EPSS

NVD•added 2026/04/12 5:16 a.m.•1 views

CVE-2026-6115

A flaw has been found in Totolink A7100RU 7.4cu.2313b20191024. This affects the function setAppCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Executing a manipulation of the argument enable can lead to os command injection. The attack may be launched remotely. The exploit has...

10CVSS0.01221EPSS

NVD•added 2026/04/12 4:16 a.m.•1 views

CVE-2026-6113

A security vulnerability has been detected in Totolink A7100RU 7.4cu.2313b20191024. Affected by this vulnerability is the function setTtyServiceCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument ttyEnable leads to os command injection. The attack...

10CVSS0.01221EPSS

ATTACKERKB•added 2026/04/12 4:0 a.m.•0 views

CVE-2026-6115

10CVSS7AI score0.01221EPSS

Exploits0References5Affected Software1

Positive Technologies•added 2026/04/12 12:0 a.m.•3 views

PT-2026-32148

A flaw has been found in Totolink A7100RU 7.4cu.2313 b20191024. This affects the function setAppCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Executing a manipulation of the argument enable can lead to os command injection. The attack may be launched remotely. The exploit has...

10CVSS5.5AI score0.01221EPSS

CNNVD•added 2026/04/12 12:0 a.m.•2 views

TOTOLINK A7100RU 操作系统命令注入漏洞

The TOTOLINK A7100RU is a wireless router produced by TOTOLINK, a Chinese company. The Totolink A7100RU 7.4cu.2313b20191024 version has a vulnerability related to operating system command injection. This vulnerability stems from the improper handling of the enable parameter in the setAppCfg...

EUVD•added 2026/04/10 9:31 a.m.•3 views

EUVD-2026-21322

A security vulnerability has been detected in Totolink A7100RU 7.4cu.2313b20191024. Impacted is the function setPptpServerCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument enable leads to os command injection. The attack may be initiated remotely...

10CVSS7AI score0.00316EPSS

EUVD•added 2026/04/10 9:31 a.m.•1 views

EUVD-2026-21318

A security flaw has been discovered in Totolink A7100RU 7.4cu.2313b20191024. This vulnerability affects the function setPortalConfWeChat of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Performing a manipulation of the argument enable results in os command injection. The attack can ...

10CVSS7AI score0.00316EPSS

NVD•added 2026/04/10 7:16 a.m.•1 views

CVE-2026-6028

10CVSS0.00316EPSS

ATTACKERKB•added 2026/04/10 6:15 a.m.•2 views

CVE-2026-6028

10CVSS7AI score0.00316EPSS

Exploits0References5Affected Software1

CNNVD•added 2026/04/10 12:0 a.m.•4 views

TOTOLINK A7100RU 操作系统命令注入漏洞

The TOTOLINK A7100RU is a wireless router produced by TOTOLINK, a Chinese company. The TOTOLINK A7100RU 7.4cu.2313b20191024 version has a vulnerability related to operating system command injection. This vulnerability stems from incorrect handling of the parameter “enable” in the file...

CNNVD•added 2026/04/10 12:0 a.m.•2 views

TOTOLINK A7100RU 操作系统命令注入漏洞

The TOTOLINK A7100RU is a wireless router produced by TOTOLINK, a Chinese company. The Totolink A7100RU 7.4cu.2313b20191024 version has a vulnerability related to operating system command injection. This vulnerability stems from incorrect handling of the parameter “enable” in the file...