CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedhatCVE•added 2026/05/26 2:13 p.m.•7 views

CVE-2026-9437

A vulnerability has been found in DTStack Taier 1.4.0. This affects the function Runtime.exec of the component REST API. The manipulation of the argument sqlText leads to os command injection. The attack is possible to be carried out remotely. The exploit has been disclosed to the public and may ...

6.5CVSS6.2AI score0.01409EPSS

RedhatCVE•added 2026/05/26 2:13 p.m.•8 views

CVE-2026-9347

A vulnerability has been found in Edimax EW-7438RPn up to 1.31. Affected is the function formWizSurvey of the file /goform/formWizSurvey of the component webs. The manipulation of the argument ip/mask/gateway leads to os command injection. It is possible to initiate the attack remotely. The explo...

6.5CVSS6.2AI score0.01433EPSS

RedhatCVE•added 2026/05/26 2:13 p.m.•7 views

CVE-2026-9361

A weakness has been identified in Edimax EW-7438RPn 1.12. This affects the function formAccept of the file /goform/formAccep of the component POST Request Handler. This manipulation of the argument submit-url causes command injection. The attack may be initiated remotely. The exploit has been mad...

6.5CVSS6.4AI score0.01409EPSS

RedhatCVE•added 2026/05/26 2:12 p.m.•8 views

CVE-2026-9455

A vulnerability has been found in Totolink A8000RU 7.1cu.643b20200521. This issue affects the function UploadOpenVpnCert of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. The manipulation of the argument FileName leads to os command injection. Remote exploitation of the...

10CVSS6.9AI score0.01254EPSS

RedhatCVE•added 2026/05/26 2:12 p.m.•8 views

CVE-2026-9456

A vulnerability was found in Totolink A8000RU 7.1cu.643b20200521. Impacted is the function setOpenVpnCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. The manipulation of the argument enabled results in os command injection. The attack can be executed remotely. The...

10CVSS7AI score0.01254EPSS

RedhatCVE•added 2026/05/26 2:12 p.m.•11 views

CVE-2026-9407

A security vulnerability has been detected in Totolink A8000RU 7.1cu.643b20200521. Affected by this vulnerability is the function setFirewallType of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. The manipulation of the argument firewallType leads to os command injection...

10CVSS6.9AI score0.01254EPSS

EUVD•added 2026/05/26 12:30 p.m.•8 views

EUVD-2026-31816

CVE•added 2026/05/26 12:30 p.m.•10 views

CVE-2026-9543

CVE-2026-9543 - Totolink N300RH is affected through the Web Management Interface file /cgi-bin/cstecgi.cgi, function setPasswordCfg. Manipulating the argument admpass enables an OS command injection, allowing remote execution. Public exploit details exist, with HIGH impact on confidentiality, int...

ATTACKERKB•added 2026/05/26 12:30 p.m.•10 views

CVE-2026-9543

Exploits0References5Affected Software1

Vulnrichment•added 2026/05/26 12:30 p.m.•7 views

CVE-2026-9543 Totolink N300RH Web Management cstecgi.cgi setPasswordCfg os command injection

RedhatCVE•added 2026/05/26 9:0 a.m.•10 views

CVE-2026-42586

A flaw was found in Netty, an asynchronous, event-driven network application framework. The Netty Redis codec encoder RedisEncoder does not properly validate or sanitize user-controlled string content for CRLF Carriage Return Line Feed characters. A remote attacker, by controlling the content of ...

7.1CVSS6.7AI score0.00008EPSS

Exploits1References4

NVD•added 2026/05/26 7:16 a.m.•7 views

CVE-2026-9533

A vulnerability was detected in Totolink CA750-PoE 6.2c.510. The impacted element is the function recvUpgradeNewFw of the file /cgi-bin/cstecgi.cgi of the component Setting Handler. Performing a manipulation of the argument fwUrl/magicid results in os command injection. It is possible to initiate...

6.5CVSS0.04841EPSS

Vulnrichment•added 2026/05/26 5:30 a.m.•6 views

CVE-2026-9534 Totolink CA750-PoE Setting cstecgi.cgi setWiFiWpsConfig os command injection

A flaw has been found in Totolink CA750-PoE 6.2c.510. This affects the function setWiFiWpsConfig of the file /cgi-bin/cstecgi.cgi of the component Setting Handler. Executing a manipulation of the argument PIN can lead to os command injection. It is possible to launch the attack remotely. The...

6.5CVSS6.4AI score0.04841EPSS

Cvelist•added 2026/05/26 5:30 a.m.•31 views

CVE-2026-9534 Totolink CA750-PoE Setting cstecgi.cgi setWiFiWpsConfig os command injection

6.5CVSS0.04841EPSS

ATTACKERKB•added 2026/05/26 5:30 a.m.•12 views

CVE-2026-9534

6.5CVSS6.4AI score0.04841EPSS

Exploits0References5Affected Software1

NVD•added 2026/05/26 5:16 a.m.•9 views

CVE-2026-9531

A weakness has been identified in Totolink CA750-PoE 6.2c.510. Impacted is the function setUpgradeUboot of the file /cgi-bin/cstecgi.cgi of the component Setting Handler. This manipulation of the argument FileName causes os command injection. The attack is possible to be carried out remotely. The...

6.5CVSS0.04841EPSS

ATTACKERKB•added 2026/05/26 5:15 a.m.•9 views

CVE-2026-9533

6.5CVSS6.5AI score0.04841EPSS

Exploits0References5Affected Software1

Vulnrichment•added 2026/05/26 5:15 a.m.•7 views

CVE-2026-9533 Totolink CA750-PoE Setting cstecgi.cgi recvUpgradeNewFw os command injection

6.5CVSS6.5AI score0.04841EPSS