3875 matches found
PT-2026-43041
A vulnerability was detected in FoundDream miniclawd up to 2d65665046e2222eeea76cafc8570ed546a8c125. This affects the function which of the file /src/application/skills-loader.ts of the component SkillsLoader. Performing a manipulation of the argument requires.bins results in command injection. T...
PT-2026-43016
A vulnerability has been found in DTStack Taier 1.4.0. This affects the function Runtime.exec of the component REST API. The manipulation of the argument sqlText leads to os command injection. The attack is possible to be carried out remotely. The exploit has been disclosed to the public and may ...
PT-2026-43157
Name of the Vulnerable Software and Affected Versions Totolink CA750-PoE version 6.2c.510 Description An OS command injection issue exists in the Setting Handler component. The setNetworkDiag function within the '/cgi-bin/cstecgi.cgi' endpoint fails to properly sanitize several arguments, allowin...
PT-2026-43099
A weakness has been identified in Totolink A8000RU 7.1cu.643 b20200521. Impacted is the function setParentalRules of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Executing a manipulation of the argument enable can lead to os command injection. The attack may be perform...
TOTOLINK A8000RU 操作系统命令注入漏洞
The TOTOLINK A8000RU is a wireless router from China's Gion Electronics TOTOLINK. The Totolink A8000RU version 7.1cu.643b20200521 suffers from an OS command injection vulnerability that originates from the operation of the function setWiFiWpsCfg in the file /cgi-bin/cstecgi.cgi of the Web...
PT-2026-43046
A vulnerability was determined in Totolink A8000RU 7.1cu.643 b20200521. The affected element is the function UploadFirmwareFile of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. This manipulation of the argument FileName causes os command injection. The attack is possibl...
PT-2026-43010
A security flaw has been discovered in Totolink A8000RU 7.1cu.643 b20200521. This vulnerability affects the function setWiFiAdvancedCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. The manipulation of the argument bgProtection results in os command injection. The...
PT-2026-43047
A vulnerability was identified in Totolink A8000RU 7.1cu.643 b20200521. The impacted element is the function setWanCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Such manipulation of the argument enabled leads to os command injection. The attack may be performed...
PT-2026-43044
A vulnerability was found in Totolink A8000RU 7.1cu.643 b20200521. Impacted is the function setOpenVpnCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. The manipulation of the argument enabled results in os command injection. The attack can be executed remotely. The...
PT-2026-43014
A vulnerability was detected in Totolink A8000RU 7.1cu.643 b20200521. The affected element is the function setQosCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Performing a manipulation of the argument enable results in os command injection. Remote exploitation of...
PT-2026-43142
Name of the Vulnerable Software and Affected Versions Totolink CA750-PoE version 6.2c.510 Description An OS command injection issue exists in the Setting Handler component. A remote attacker can manipulate the webWlanIdx argument within the setWebWlanIdx function of the '/cgi-bin/cstecgi.cgi'...
CVE-2026-9407
Totolink A8000RU Web Management interface (/cgi-bin/cstecgi.cgi) contains a vulnerability in the setFirewallType function that allows OS command injection when the firewallType argument is manipulated. Affected product version: 7.1cu.643_b20200521. The attack is remotely executable and the exploi...
CVE-2026-9407
A security vulnerability has been detected in Totolink A8000RU 7.1cu.643b20200521. Affected by this vulnerability is the function setFirewallType of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. The manipulation of the argument firewallType leads to os command injection...
EUVD-2026-31606
A weakness has been identified in Totolink A8000RU 7.1cu.643b20200521. Affected is the function setRemoteCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Executing a manipulation of the argument enable can lead to os command injection. The attack can be executed...
CVE-2026-9406
A weakness has been identified in Totolink A8000RU 7.1cu.643b20200521. Affected is the function setRemoteCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Executing a manipulation of the argument enable can lead to os command injection. The attack can be executed...
CVE-2026-9402
A vulnerability was found in Edimax BR-6675nD 1.12. The affected element is the function formWlanMP of the file /goform/formWlanMP of the component POST Request Handler. The manipulation of the argument...
CVE-2026-9404
A vulnerability was identified in Totolink A8000RU 7.1cu.643b20200521. This affects the function setDdnsCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Such manipulation of the argument provider leads to os command injection. The attack may be launched remotely. Th...
CVE-2026-9405
A security flaw has been discovered in Totolink A8000RU 7.1cu.643b20200521. This impacts the function setGameSpeedCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Performing a manipulation of the argument enable results in os command injection. Remote exploitation o...
EUVD-2026-31607
A vulnerability was identified in Totolink A8000RU 7.1cu.643b20200521. This affects the function setDdnsCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Such manipulation of the argument provider leads to os command injection. The attack may be launched remotely. Th...
CVE-2026-9404
CVE-2026-9404 affects Totolink A8000RU Web Management Interface. The vulnerable component is the file /cgi-bin/cstecgi.cgi (function: setDdnsCfg). The issue arises from manipulation of the argument provider, leading to OS command injection . The vulnerability may be exploited remotely, and public...