CVE-2026-7122 Totolink A8000RU CGI cstecgi.cgi setUPnPCfg os command injection

A vulnerability has been found in Totolink A8000RU 7.1cu.643b20200521. This impacts the function setUPnPCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument enable leads to os command injection. It is possible to launch the attack remotely. The...

CVE-2026-7122 Totolink A8000RU CGI cstecgi.cgi setUPnPCfg os command injection

A vulnerability has been found in Totolink A8000RU 7.1cu.643b20200521. This impacts the function setUPnPCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument enable leads to os command injection. It is possible to launch the attack remotely. The...

EUVD-2026-20864

A security flaw has been discovered in Totolink A7100RU 7.4cu.2313b20191024. This impacts the function setUPnPCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument enable results in os command injection. The attack can be executed remotely. The exploi...

CVE-2026-5851 Totolink A7100RU CGI cstecgi.cgi setUPnPCfg os command injection

A security flaw has been discovered in Totolink A7100RU 7.4cu.2313b20191024. This impacts the function setUPnPCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument enable results in os command injection. The attack can be executed remotely. The exploi...

CVE-2026-5851

Totolink A7100RU device (firmware 7.4cu.2313_b20191024) is affected by a vulnerability in the CGI Handler: /cgi-bin/cstecgi.cgi, function setUPnPCfg. Manipulating the enable argument enables an OS command injection, allowing remote exploitation. The issue is rated Critical (CVSS up to 9.8/10 in t...

PT-2026-31590

Name of the Vulnerable Software and Affected Versions Totolink A7100RU version 7.4cu.2313 b20191024 Description A security flaw exists in the CGI Handler component of Totolink A7100RU 7.4cu.2313 b20191024. The setUPnPCfg function within the /cgi-bin/cstecgi.cgi file is susceptible to os command...

TOTOLINK A7100RU 操作系统命令注入漏洞

The TOTOLINK A7100RU is a wireless router produced by TOTOLINK, a Chinese company. The Totolink A7100RU 7.4cu.2313b20191024 version contains an operating system command injection vulnerability. This vulnerability stems from incorrect handling of the enable parameter in the setUPnPCfg function of...

CVE-2026-5103

A weakness has been identified in Totolink A3300R 17.0.0cu.557b20221024. This issue affects the function setUPnPCfg of the file /cgi-bin/cstecgi.cgi. This manipulation of the argument enable causes command injection. The attack is possible to be carried out remotely. The exploit has been made...

CVE-2026-5103

Affects Totolink A3300R 17.0.0cu.557_b20221024. The issue resides in the setUPnPCfg function of /cgi-bin/cstecgi.cgi, where manipulating the enable argument leads to command injection. This can be exploited remotely and publicly available exploits exist. Remediation guidance in connected sources ...

CVE-2026-5103

A weakness has been identified in Totolink A3300R 17.0.0cu.557b20221024. This issue affects the function setUPnPCfg of the file /cgi-bin/cstecgi.cgi. This manipulation of the argument enable causes command injection. The attack is possible to be carried out remotely. The exploit has been made...

CVE-2026-5103 Totolink A3300R cstecgi.cgi setUPnPCfg command injection

A weakness has been identified in Totolink A3300R 17.0.0cu.557b20221024. This issue affects the function setUPnPCfg of the file /cgi-bin/cstecgi.cgi. This manipulation of the argument enable causes command injection. The attack is possible to be carried out remotely. The exploit has been made...

CVE-2026-5103 Totolink A3300R cstecgi.cgi setUPnPCfg command injection

A weakness has been identified in Totolink A3300R 17.0.0cu.557b20221024. This issue affects the function setUPnPCfg of the file /cgi-bin/cstecgi.cgi. This manipulation of the argument enable causes command injection. The attack is possible to be carried out remotely. The exploit has been made...

PT-2026-28757

Name of the Vulnerable Software and Affected Versions Totolink A3300R version 17.0.0cu.557 b20221024 Description A flaw exists in the Totolink A3300R device. The setUPnPCfg function within the /cgi-bin/cstecgi.cgi file is susceptible to command injection through manipulation of the enable argumen...

Tenda AC7 /goform/SetUpnpCfg File Buffer Overflow Vulnerability

Tenda AC7 is a wireless router from Tenda, a Chinese company. A buffer overflow vulnerability exists in Tenda AC7 version 15.03.06.44, which originates from the parameter upnpEn in the file /goform/SetUpnpCfg that fails to correctly validate the length of the input data, and can be exploited by a...

CVE-2025-11525 Tenda AC7 SetUpnpCfg stack-based overflow

A vulnerability has been found in Tenda AC7 15.03.06.44. Impacted is an unknown function of the file /goform/SetUpnpCfg. Such manipulation of the argument upnpEn leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used...

CVE-2025-11525

CVE-2025-11525 affects Tenda AC7 (firmware 15.03.06.44). The issue is a stack-based buffer overflow in the /goform/SetUpnpCfg handler caused by improper validation of the upnpEn parameter. Attackers can exploit remotely to execute arbitrary code or cause denial of service; public exploits/poC hav...

EUVD-2025-33269

A vulnerability has been found in Tenda AC7 15.03.06.44. Impacted is an unknown function of the file /goform/SetUpnpCfg. Such manipulation of the argument upnpEn leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used...

CVE-2025-11525 Tenda AC7 SetUpnpCfg stack-based overflow

A vulnerability has been found in Tenda AC7 15.03.06.44. Impacted is an unknown function of the file /goform/SetUpnpCfg. Such manipulation of the argument upnpEn leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used...

Tenda AC7 安全漏洞

Tenda AC7 is a wireless router from Tenda, a Chinese company. A buffer overflow vulnerability exists in Tenda AC7 version 15.03.06.44, which originates from the parameter upnpEn in the file /goform/SetUpnpCfg that fails to correctly validate the length of the input data, and can be exploited by a...

PT-2025-41327

Name of the Vulnerable Software and Affected Versions Tenda AC7 version 15.03.06.44 Description A stack-based buffer overflow exists in Tenda AC7 version 15.03.06.44. The issue is due to the manipulation of the upnpEn parameter within the /goform/SetUpnpCfg file. This allows for remote...