3873 matches found
CVE-2026-7121 Totolink A8000RU CGI cstecgi.cgi setWizardCfg os command injection
A flaw has been found in Totolink A8000RU 7.1cu.643b20200521. This affects the function setWizardCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. This manipulation of the argument wizard causes os command injection. It is possible to initiate the attack remotely. The exploit has...
EUVD-2026-25835
A flaw has been found in Totolink A8000RU 7.1cu.643b20200521. This affects the function setWizardCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. This manipulation of the argument wizard causes os command injection. It is possible to initiate the attack remotely. The exploit has...
CVE-2026-7121
A flaw has been found in Totolink A8000RU 7.1cu.643b20200521. This affects the function setWizardCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. This manipulation of the argument wizard causes os command injection. It is possible to initiate the attack remotely. The exploit has...
CVE-2026-7121
Totolink A8000RU 7.1cu.643_b20200521 has a vulnerability in the CGI Handler, specifically the setWizardCfg function in /cgi-bin/cstecgi.cgi. The wizard parameter manipulation leads to os command injection, with remote exploit possibility and an exploit published. The CVE indicates a critical seve...
CVE-2026-7119
CVE-2026-7119 affects: Tenda HG3 2.0. The vulnerability lies in an unknown function within the file /boaform/formCountrystr, where manipulating the argument countrystr leads to an OS command injection . This can be exploited remotely, and the exploit is publicly available. The connected sources s...
CVE-2026-7102
A vulnerability was found in Tenda F456 1.0.0.5. This impacts the function FromWriteFacMac of the file /goform/WriteFacMac of the component httpd. The manipulation of the argument mac results in command injection. The attack can be executed remotely. The exploit has been made public and could be...
CVE-2026-7102 Tenda F456 httpd WriteFacMac FromWriteFacMac command injection
A vulnerability was found in Tenda F456 1.0.0.5. This impacts the function FromWriteFacMac of the file /goform/WriteFacMac of the component httpd. The manipulation of the argument mac results in command injection. The attack can be executed remotely. The exploit has been made public and could be...
EUVD-2026-25802
A vulnerability was found in Tenda F456 1.0.0.5. This impacts the function FromWriteFacMac of the file /goform/WriteFacMac of the component httpd. The manipulation of the argument mac results in command injection. The attack can be executed remotely. The exploit has been made public and could be...
CVE-2026-7096 Tenda HG3 formgponConf os command injection
A security flaw has been discovered in Tenda HG3 2.0 300003070. This vulnerability affects the function formgponConf of the file /boaform/admin/formgponConf. The manipulation of the argument fmgponloid results in os command injection. It is possible to launch the attack remotely. The exploit has...
EUVD-2026-25786
A security flaw has been discovered in Tenda HG3 2.0 300003070. This vulnerability affects the function formgponConf of the file /boaform/admin/formgponConf. The manipulation of the argument fmgponloid results in os command injection. It is possible to launch the attack remotely. The exploit has...
CVE-2026-7096
The CVE-2026-7096 entry concerns Tenda HG3 (2.0 300003070) where the vulnerable component is formgponConf under /boaform/admin/formgponConf. The root cause is manipulation of the fmgpon_loid parameter leading to an OS command injection, with a network-exposed (remote) attack surface and a high im...
PT-2026-35529
A vulnerability was detected in Totolink A8000RU 7.1cu.643 b20200521. Affected is the function CsteSystem of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument HTTP results in os command injection. The attack may be launched remotely. The exploit is now...
PT-2026-35419
A vulnerability was identified in Totolink A8000RU 7.1cu.643 b20200521. Affected by this issue is the function setWiFiEasyCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument merge leads to os command injection. The attack may be initiated remotely...
PT-2026-35521
A security flaw has been discovered in Totolink A8000RU 7.1cu.643 b20200521. The impacted element is the function setMiniuiHomeInfoShow of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Performing a manipulation of the argument sys info results in os command injection. The attack can...
PT-2026-35530
A flaw has been found in disler aider-mcp-server up to b2516fa466d0d851932da92ee6d0e66946db9efc. Affected by this vulnerability is an unknown functionality of the file src/aider mcp server/server.py of the component aider ai code. This manipulation of the argument relative editable files causes...
PT-2026-35525
A security vulnerability has been detected in Totolink A8000RU 7.1cu.643 b20200521. This impacts the function setLoginPasswordCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument admpass leads to os command injection. The attack may be initiated...
PT-2026-35451
A security vulnerability has been detected in Totolink A8000RU 7.1cu.643 b20200521. This affects the function setStorageCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument sambaEnabled leads to os command injection. Remote exploitation of the attack...
TOTOLINK A8000RU 命令注入漏洞
The TOTOLINK A8000RU is a wireless router produced by TOTOLINK Corporation. The Totolink A8000RU 7.1cu.643b20200521 version contains a command injection vulnerability. This vulnerability stems from the setIptvCfg function in the CGI Handler component/cgi-bin/cstecgi.cgi file, which allows for OS...
PT-2026-35452
A vulnerability was detected in Totolink A8000RU 7.1cu.643 b20200521. This vulnerability affects the function setNtpCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument tz results in os command injection. The attack can be executed remotely. The...
PT-2026-35524
A weakness has been identified in Totolink A8000RU 7.1cu.643 b20200521. This affects the function setAdvancedInfoShow of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Executing a manipulation of the argument tty server can lead to os command injection. The attack can be launched...