CVE-2026-9408

A vulnerability was detected in Totolink A8000RU 7.1cu.643b20200521. Affected by this issue is the function setStaticDhcpRules of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. The manipulation of the argument enable results in os command injection. The attack may be...

CVE-2026-9408 Totolink A8000RU Web Management cstecgi.cgi setStaticDhcpRules os command injection

A vulnerability was detected in Totolink A8000RU 7.1cu.643b20200521. Affected by this issue is the function setStaticDhcpRules of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. The manipulation of the argument enable results in os command injection. The attack may be...

EUVD-2018-15749

Malware in sbrugna...

EUVD-2020-7101

Malware in sbrugna...

CVE-2023-26848

TOTOlink A7100RUV7.4cu.2313B20191024 was discovered to contain a command injection vulnerability via the org parameter at setting/delStaticDhcpRules...

CVE-2022-48122

TOTOlink A7100RU V7.4cu.2313B20191024 was discovered to contain a command injection vulnerability via the dayvalid parameter in the setting/delStaticDhcpRules function...

TOTOLINK N150RT 代码注入漏洞

The TOTOLINK N150RT is a wireless router from China's Gion Electronics TOTOLINK. The TOTOLINK N150RT version 3.4.0-B20190525 suffers from a cross-site scripting vulnerability that originates from the lack of effective filtering and escaping of user-supplied data by the parameter Hostname in the...

CVE-2025-3989

A vulnerability classified as critical was found in TOTOLINK N150RT 3.4.0-B20190525. Affected by this vulnerability is an unknown functionality of the file /boafrm/formStaticDHCP. The manipulation of the argument Hostname leads to buffer overflow. The attack can be launched remotely. The exploit...

CVE-2024-34207

TOTOLINK CP450 v4.1.0cu.747B20191224 was discovered to contain a stack buffer overflow vulnerability in the setStaticDhcpConfig function...

TOTOLINK CPE CP450 安全漏洞

TOTOLINK CPE CP450 is an outdoor wireless client terminal device from China Gion Electronics TOTOLINK, which is mainly used to provide wireless broadband access services, especially for wireless network coverage in rural or remote areas. A security vulnerability exists in the TOTOLINK CPE CP450...

PT-2024-1545 · Totolink · Totolink A3300R

Name of the Vulnerable Software and Affected Versions: TOTOLINK A3300R version V17.0.0cu.557 B20221024 Description: The issue exists due to the lack of measures to neutralize special elements in the setStaticDhcpRules function of the TOTOLINK A3300R router's firmware. This allows a remote attacke...

TOTOLINK T10 缓冲区错误漏洞

TOTOLINK T10 is a wireless network system router from China's Gion Electronics TOTOLINK. A buffer overflow vulnerability exists in TOTOLINK T10v2 version 5.9c.5061B20200511, which originates from the comment parameter in the setStaticDhcpConfig of /lib/cstemodules/lan.so that fails to correctly...

CVE-2023-26848

TOTOlink A7100RUV7.4cu.2313B20191024 was discovered to contain a command injection vulnerability via the org parameter at setting/delStaticDhcpRules...

CVE-2023-25395

TOTOlink A7100RU V7.4cu.2313B20191024 router was discovered to contain a command injection vulnerability via the ou parameter at /setting/delStaticDhcpRules...

PT-2023-20045 · Totolink · Totolink A7100Ru

Name of the Vulnerable Software and Affected Versions: TOTOlink A7100RU version 7.4cu.2313 B20191024 Description: A command injection issue was discovered in the router, specifically via the ou parameter at the "/setting/delStaticDhcpRules" API endpoint. This allows for potential exploitation...

TOTOLINK A7100RU 命令注入漏洞

The TOTOLINK A7100RU is a wireless router from China's Gion Electronics TOTOLINK. A security vulnerability exists in the TOTOLINK A7100RU V7.4cu.2313B20191024 version, which was discovered to contain a command injection vulnerability via the country parameter of setting/delStaticDhcpRules...

CVE-2022-41013

Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these...

Stack overflow

Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these...

Stack overflow

Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these...

TOTOLINK A7100RU 操作系统命令注入漏洞

The TOTOLINK A7100RU is a wireless router from China's Gion Electronics TOTOLINK. An operating system command injection vulnerability exists in the TOTOLINK A7100RU V7.4cu.2313B20191024 version, which stems from the dayvalid parameter of the set/delStaticDhcpRules method containing a command...