Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

39 matches found

NVD
NVDadded 2026/05/24 11:16 p.m.6 views

CVE-2026-9404

A vulnerability was identified in Totolink A8000RU 7.1cu.643b20200521. This affects the function setDdnsCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Such manipulation of the argument provider leads to os command injection. The attack may be launched remotely. Th...

10CVSS0.01254EPSS
Exploits0References5
Vulnrichment
Vulnrichmentadded 2026/05/24 11:0 p.m.6 views

CVE-2026-9404 Totolink A8000RU Web Management cstecgi.cgi setDdnsCfg os command injection

A vulnerability was identified in Totolink A8000RU 7.1cu.643b20200521. This affects the function setDdnsCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Such manipulation of the argument provider leads to os command injection. The attack may be launched remotely. Th...

10CVSS5.7AI score0.01254EPSS
Exploits0References5
CVE
CVEadded 2026/05/24 11:0 p.m.10 views

CVE-2026-9404

CVE-2026-9404 affects Totolink A8000RU Web Management Interface. The vulnerable component is the file /cgi-bin/cstecgi.cgi (function: setDdnsCfg). The issue arises from manipulation of the argument provider, leading to OS command injection . The vulnerability may be exploited remotely, and public...

10CVSS7.1AI score0.01254EPSS
Exploits0References5
Cvelist
Cvelistadded 2026/05/24 11:0 p.m.9 views

CVE-2026-9404 Totolink A8000RU Web Management cstecgi.cgi setDdnsCfg os command injection

A vulnerability was identified in Totolink A8000RU 7.1cu.643b20200521. This affects the function setDdnsCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Such manipulation of the argument provider leads to os command injection. The attack may be launched remotely. Th...

10CVSS0.01254EPSS
Exploits0References5
EUVD
EUVDadded 2026/05/24 11:0 p.m.10 views

EUVD-2026-31607

A vulnerability was identified in Totolink A8000RU 7.1cu.643b20200521. This affects the function setDdnsCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Such manipulation of the argument provider leads to os command injection. The attack may be launched remotely. Th...

10CVSS7.1AI score0.01254EPSS
Exploits0References5
CNNVD
CNNVDadded 2026/05/24 12:0 a.m.4 views

TOTOLINK A8000RU 操作系统命令注入漏洞

TOTOLINK A8000RU is a wireless router produced by TOTOLINK, a Chinese company. The TOTOLINK A8000RU 7.1cu.643b20200521 version contains an operating system command injection vulnerability. This vulnerability stems from improper handling of the provider parameter in the setDdnsCfg function of the...

10CVSS7.3AI score0.01254EPSS
Exploits0References5
RedhatCVE
RedhatCVEadded 2026/04/07 11:1 p.m.1 views

CVE-2026-5688

A security vulnerability has been detected in Totolink A7100RU 7.4cu.2313b20191024. Impacted is the function setDdnsCfg of the file /cgi-bin/cstecgi.cgi. Such manipulation of the argument provider leads to os command injection. The attack may be launched remotely. The exploit has been disclosed...

7.5CVSS6.8AI score0.01153EPSS
Exploits0References1
NVD
NVDadded 2026/04/06 11:16 p.m.0 views

CVE-2026-5688

A security vulnerability has been detected in Totolink A7100RU 7.4cu.2313b20191024. Impacted is the function setDdnsCfg of the file /cgi-bin/cstecgi.cgi. Such manipulation of the argument provider leads to os command injection. The attack may be launched remotely. The exploit has been disclosed...

7.5CVSS0.01153EPSS
Exploits0References5
Cvelist
Cvelistadded 2026/04/06 10:15 p.m.17 views

CVE-2026-5688 Totolink A7100RU cstecgi.cgi setDdnsCfg os command injection

A security vulnerability has been detected in Totolink A7100RU 7.4cu.2313b20191024. Impacted is the function setDdnsCfg of the file /cgi-bin/cstecgi.cgi. Such manipulation of the argument provider leads to os command injection. The attack may be launched remotely. The exploit has been disclosed...

7.5CVSS0.01153EPSS
Exploits0References5
CVE
CVEadded 2026/04/06 10:15 p.m.7 views

CVE-2026-5688

The CVE-2026-5688 affects Totolink A7100RU 7.4cu.2313_b20191024, specifically the /cgi-bin/cstecgi.cgi function setDdnsCfg. The vulnerability is an OS command injection triggered by manipulation of the provider argument, exposing remote attack potential. Exploitation is publicly disclosed per the...

7.5CVSS6.8AI score0.01153EPSS
Exploits0References5
Vulnrichment
Vulnrichmentadded 2026/04/06 10:15 p.m.1 views

CVE-2026-5688 Totolink A7100RU cstecgi.cgi setDdnsCfg os command injection

A security vulnerability has been detected in Totolink A7100RU 7.4cu.2313b20191024. Impacted is the function setDdnsCfg of the file /cgi-bin/cstecgi.cgi. Such manipulation of the argument provider leads to os command injection. The attack may be launched remotely. The exploit has been disclosed...

7.5CVSS6.8AI score0.01153EPSS
Exploits0References5
RedhatCVE
RedhatCVEadded 2025/10/28 6:59 a.m.5 views

CVE-2025-12239

A weakness has been identified in TOTOLINK A3300R 17.0.0cu.557B20221024. The impacted element is the function setDdnsCfg of the file /cgi-bin/cstecgi.cgi. Executing manipulation can lead to buffer overflow. The attack may be performed from remote. The exploit has been made available to the public...

9.8CVSS6.8AI score0.0043EPSS
Exploits1References1
OSV
OSVadded 2025/10/27 7:15 a.m.1 views

CVE-2025-12239

A weakness has been identified in TOTOLINK A3300R 17.0.0cu.557B20221024. The impacted element is the function setDdnsCfg of the file /cgi-bin/cstecgi.cgi. Executing manipulation can lead to buffer overflow. The attack may be performed from remote. The exploit has been made available to the public...

9.8CVSS6.2AI score
Exploits0References5
EUVD
EUVDadded 2025/10/27 6:32 a.m.1 views

EUVD-2025-36098

A weakness has been identified in TOTOLINK A3300R 17.0.0cu.557B20221024. The impacted element is the function setDdnsCfg of the file /cgi-bin/cstecgi.cgi. Executing manipulation can lead to buffer overflow. The attack may be performed from remote. The exploit has been made available to the public...

9.8CVSS8.7AI score0.0043EPSS
Exploits1References6
Cvelist
Cvelistadded 2025/10/27 6:32 a.m.21 views

CVE-2025-12239 TOTOLINK A3300R cstecgi.cgi setDdnsCfg buffer overflow

A weakness has been identified in TOTOLINK A3300R 17.0.0cu.557B20221024. The impacted element is the function setDdnsCfg of the file /cgi-bin/cstecgi.cgi. Executing manipulation can lead to buffer overflow. The attack may be performed from remote. The exploit has been made available to the public...

9CVSS0.0043EPSS
Exploits1References5
Positive Technologies
Positive Technologiesadded 2025/10/27 12:0 a.m.4 views

PT-2025-43895

Name of the Vulnerable Software and Affected Versions TOTOLINK A3300R version 17.0.0cu.557 B20221024 Description A weakness exists in TOTOLINK A3300R. The issue is related to a buffer overflow in the setDdnsCfg function within the /cgi-bin/cstecgi.cgi file. This can be exploited remotely. The...

9.8CVSS6.8AI score0.0043EPSS
Exploits1References8
CNNVD
CNNVDadded 2025/10/27 12:0 a.m.1 views

TOTOLINK A3300R 安全漏洞

TOTOLINK A3300R is a dual-band wireless router manufactured by China's Gion Electronics TOTOLINK, mainly used for home and small network environments. The TOTOLINK A3300R suffers from a buffer overflow vulnerability that originates from the failure of the function setDdnsCfg in the file...

9.8CVSS8.1AI score0.0043EPSS
Exploits1References5
CNVD
CNVDadded 2025/10/13 12:0 a.m.1 views

Tenda AC18 ddnsEn Parameter Stack Buffer Overflow Vulnerability

Tenda AC18 is a dual-band wireless router launched by Shenzhen Jixiang Tenda Technology Co. in July 2016, mainly for villas and large home users. Tenda AC18 has a stack buffer overflow vulnerability, which originates from the parameter ddnsEn in the file /goform/SetDDNSCfg fails to correctly...

9CVSS8.4AI score0.0027EPSS
Exploits1References1
NVD
NVDadded 2025/10/09 2:15 a.m.2 views

CVE-2025-11524

A flaw has been found in Tenda AC7 15.03.06.44. This issue affects some unknown processing of the file /goform/SetDDNSCfg. This manipulation of the argument ddnsEn causes stack-based buffer overflow. The attack can be initiated remotely. The exploit has been published and may be used...

9CVSS0.00248EPSS
Exploits1References5
CVE
CVEadded 2025/10/09 1:2 a.m.7 views

CVE-2025-11524

CVE-2025-11524 affects Tenda AC7 routers (firmware 15.03.06.44). The defect is a stack-based buffer overflow in /goform/SetDDNSCfg via the ddnsEn parameter, enabling remote code execution (exploit published; PoC/attacks possible). Exploit maturity: PoC. Remediation: update to a newer firmware ver...

9CVSS7AI score0.00248EPSS
Exploits1References5Affected Software1
Rows per page
Query Builder