EUVD-2026-21749

A vulnerability was determined in Totolink A7100RU 7.4cu.2313b20191024. Affected by this issue is the function setLedCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. This manipulation of the argument enable causes os command injection. Remote exploitation of the attack is...

CVE-2026-6132 Totolink A7100RU CGI cstecgi.cgi setLedCfg os command injection

A vulnerability was determined in Totolink A7100RU 7.4cu.2313b20191024. Affected by this issue is the function setLedCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. This manipulation of the argument enable causes os command injection. Remote exploitation of the attack is...

The vulnerability of the sub_42BD7C() function in the /goform/SetLEDCfg file of the Tenda TX9 Pro router’s microprogramming software allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the sub42BD7C function in the /goform/SetLEDCfg file of the Tenda TX9 Pro router’s microprogramming system is related to buffer overflow based on a stack. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibility of th...

Tenda AC9 缓冲区错误漏洞

Tenda AC9 is a wireless router from Tenda China. A security vulnerability exists in Tenda AC9 firmware version V15.03.05.19, which stems from its /goform/SetLEDCfg component's manipulation of the parameter time that allows a remote attacker to submit a special request resulting in a stack overflo...