CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

19524 matches found

NVD•added 2026/04/12 5:16 a.m.•1 views

CVE-2026-6116

A vulnerability has been found in Totolink A7100RU 7.4cu.2313b20191024. This vulnerability affects the function setDiagnosisCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument ip leads to os command injection. Remote exploitation of the attack is...

10CVSS0.01221EPSS

Exploits0References5

NVD•added 2026/04/12 5:16 a.m.•1 views

CVE-2026-6115

A flaw has been found in Totolink A7100RU 7.4cu.2313b20191024. This affects the function setAppCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Executing a manipulation of the argument enable can lead to os command injection. The attack may be launched remotely. The exploit has...

10CVSS0.01221EPSS

Exploits0References5

Vulnrichment•added 2026/04/12 4:45 a.m.•1 views

CVE-2026-6118 AstrBotDevs AstrBot MCP Endpoint tools.py add_mcp_server command injection

A vulnerability was determined in AstrBotDevs AstrBot up to 4.22.1. Impacted is the function addmcpserver of the file astrbot/dashboard/routes/tools.py of the component MCP Endpoint. This manipulation of the argument command causes command injection. The attack is possible to be carried out...

6.5CVSS6.3AI score0.03277EPSS

Exploits0References5

NVD•added 2026/04/12 4:16 a.m.•1 views

CVE-2026-6113

A security vulnerability has been detected in Totolink A7100RU 7.4cu.2313b20191024. Affected by this vulnerability is the function setTtyServiceCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument ttyEnable leads to os command injection. The attack...

10CVSS0.01221EPSS

Exploits0References5

NVD•added 2026/04/12 4:16 a.m.•2 views

CVE-2026-6114

A vulnerability was detected in Totolink A7100RU 7.4cu.2313b20191024. Affected by this issue is the function setNetworkCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Performing a manipulation of the argument proto results in os command injection. The attack may be initiated...

10CVSS0.01221EPSS

Exploits0References5

NVD•added 2026/04/12 4:16 a.m.•0 views

CVE-2026-6112

A weakness has been identified in Totolink A7100RU 7.4cu.2313b20191024. Affected is the function setRadvdCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. This manipulation of the argument maxRtrAdvInterval causes os command injection. The attack can be initiated remotely. The...

10CVSS0.01221EPSS

Exploits0References5

ATTACKERKB•added 2026/04/12 4:15 a.m.•1 views

CVE-2026-6116

10CVSS6.8AI score0.01221EPSS

Exploits0References5Affected Software1

Vulnrichment•added 2026/04/12 4:15 a.m.•3 views

CVE-2026-6116 Totolink A7100RU CGI cstecgi.cgi setDiagnosisCfg os command injection

10CVSS6.8AI score0.01221EPSS

Exploits0References5

Cvelist•added 2026/04/12 4:0 a.m.•33 views

CVE-2026-6115 Totolink A7100RU CGI cstecgi.cgi setAppCfg os command injection

10CVSS0.01221EPSS

Exploits0References5

ATTACKERKB•added 2026/04/12 4:0 a.m.•0 views

CVE-2026-6115

10CVSS7AI score0.01221EPSS

Exploits0References5Affected Software1

ATTACKERKB•added 2026/04/12 3:30 a.m.•0 views

CVE-2026-6114

10CVSS7.1AI score0.01221EPSS

Exploits0References5Affected Software1

Cvelist•added 2026/04/12 3:0 a.m.•26 views

CVE-2026-6113 Totolink A7100RU CGI cstecgi.cgi setTtyServiceCfg os command injection

10CVSS0.01221EPSS

Exploits0References5

Vulnrichment•added 2026/04/12 2:45 a.m.•0 views

CVE-2026-6112 Totolink A7100RU CGI cstecgi.cgi setRadvdCfg os command injection

10CVSS5.6AI score0.01221EPSS

Exploits0References5

CVE•added 2026/04/12 2:45 a.m.•8 views

CVE-2026-6112

Totolink A7100RU CGI vulnerability: the setRadvdCfg function in /cgi-bin/cstecgi.cgi is exploitable via maxRtrAdvInterval, enabling OS command injection over the network. Impact high (confidentiality, integrity, availability). Affected firmware: 7.4cu.2313_b20191024. Exploit publicly available; e...

10CVSS7AI score0.01221EPSS

Exploits0References5

ATTACKERKB•added 2026/04/12 2:45 a.m.•1 views

CVE-2026-6112

10CVSS7AI score0.01221EPSS

Exploits0References5Affected Software1

Cvelist•added 2026/04/12 2:45 a.m.•30 views

CVE-2026-6112 Totolink A7100RU CGI cstecgi.cgi setRadvdCfg os command injection

10CVSS0.01221EPSS

Exploits0References5

NVD•added 2026/04/12 1:16 a.m.•1 views

CVE-2026-6108

A vulnerability was found in 1Panel-dev MaxKB up to 2.6.1. The affected element is the function execute of the file apps/application/flow/stepnode/mcpnode/impl/basemcpnode.py of the component Model Context Protocol Node. Performing a manipulation results in os command injection. The attack is...

6.5CVSS0.00421EPSS

Exploits0References4

EUVD•added 2026/04/12 1:0 a.m.•0 views

EUVD-2026-21690

6.5CVSS5.5AI score0.00421EPSS

Exploits0References4

CVE•added 2026/04/12 1:0 a.m.•8 views

CVE-2026-6108

1Panel-dev MaxKB up to 2.6.1 is affected in the Model Context Protocol Node, specifically the execute function in apps/application/flow/step_node/mcp_node/impl/base_mcp_node.py. The vulnerability allows remote OS command injection via manipulation of the node, with exploitation described as publi...

6.5CVSS6.3AI score0.00421EPSS

Exploits0References4

Positive Technologies•added 2026/04/12 12:0 a.m.•1 views

PT-2026-32147

Name of the Vulnerable Software and Affected Versions Totolink A7100RU version 7.4cu.2313 b20191024 Description A vulnerability exists in the Totolink A7100RU router, specifically within the CGI Handler component. Manipulation of the proto argument in the setNetworkCfg function of the...

10CVSS7.2AI score0.01221EPSS

Exploits0References11

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by