PT-2026-35691

A vulnerability was determined in Totolink A8000RU 7.1cu.643 b20200521. Impacted is the function setOpenVpnClientCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Executing a manipulation of the argument enabled can lead to os command injection. The attack may be performed from...

TOTOLINK A7100RU 操作系统命令注入漏洞

The TOTOLINK A7100RU is a wireless router from TOTOLINK China. A security vulnerability exists in the TOTOLINK A7100RU v7.4cu.2313b20191024 firmware version, which originates from a command injection attack on the setOpenVpnCfg interface. An attacker can exploit this vulnerability to execute...

CVE-2022-27269

InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was discovered to contain a remote code execution RCE vulnerability via the component configovpn. This vulnerability is triggered via a crafted packet...

CVE-2021-20145

Gryphon Tower routers contain an unprotected openvpn configuration file which can grant attackers access to the Gryphon homebound VPN network which exposes the LAN interfaces of other users' devices connected to the same service. An attacker could leverage this to make configuration changes to, o...