PT-2026-35520

A vulnerability was identified in Totolink A8000RU 7.1cu.643 b20200521. The affected element is the function setTelnetCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument telnet enabled leads to os command injection. It is possible to launch the...

EUVD-2026-21270

A security flaw has been discovered in Totolink A7100RU 7.4cu.2313b20191024. This issue affects the function setTelnetCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Performing a manipulation of the argument telnetenabled results in os command injection. The attack is possible ...

CVE-2026-5994 Totolink A7100RU CGI cstecgi.cgi setTelnetCfg os command injection

A security flaw has been discovered in Totolink A7100RU 7.4cu.2313b20191024. This issue affects the function setTelnetCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Performing a manipulation of the argument telnetenabled results in os command injection. The attack is possible ...

PT-2026-31834

Name of the Vulnerable Software and Affected Versions Totolink A7100RU version 7.4cu.2313 b20191024 Description A security flaw exists in the CGI Handler component of Totolink A7100RU version 7.4cu.2313 b20191024. Manipulation of the telnet enabled argument within the setTelnetCfg function in the...

EUVD-1999-1071

Malware in sbrugna...

EUVD-2024-48126

Malicious code in bioql PyPI...

CVE-2024-7464

A vulnerability, which was classified as critical, has been found in TOTOLINK CP900 6.3c.566. This issue affects the function setTelnetCfg of the component Telnet Service. The manipulation of the argument telnetenabled leads to command injection. The attack may be initiated remotely. The exploit...

The vulnerability of the setTelnetCfg function in the Telnet service of TOTOLINK CP900 microprogramming software allows a intruder to execute arbitrary commands.

The vulnerability of the setTelnetCfg function in the Telnet service of TOTOLINK CP900 router software lies in the lack of measures to sanitize input data during the processing of the telnetenabled parameter. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands by...

TOTOLINK A3600R cstecgi.cgi file setTelnetCfg function command injection vulnerability

TOTOLINK A3600R is a 6-antenna 1200M wireless router from China's Gion Electronics TOTOLINK. The TOTOLINK A3600R suffers from a command injection vulnerability that originates from improper handling of the telnetenabled parameter in the setTelnetCfg function of the /cgi-bin/cstecgi.cgi file. An...

CVE-2024-7158

A vulnerability was found in TOTOLINK A3100R 4.1.2cu.5050B20200504. It has been declared as critical. This vulnerability affects the function setTelnetCfg of the file /cgi-bin/cstecgi.cgi of the component HTTP POST Request Handler. The manipulation of the argument telnetenabled leads to command...

PT-2024-38120 · Totolink · Totolink A3100R

Name of the Vulnerable Software and Affected Versions: TOTOLINK A3100R version 4.1.2cu.5050 B20200504 Description: A critical issue affects the function setTelnetCfg of the file /cgi-bin/cstecgi.cgi in the HTTP POST Request Handler component. The manipulation of the telnet enabled argument leads ...

The vulnerability of the SetTelnetCfg function in the TELNET component of TOTOLINK CP450 router microprogramming software allows a intruder to execute arbitrary code.

The vulnerability of the SetTelnetCfg function in the TELNET component of TOTOLINK CP450 microprogramming software exists due to insufficient verification of input data. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code using the TELNET network protocol...

CVE-2024-34219

TOTOLINK CP450 V4.1.0cu.747B20191224 was discovered to contain a vulnerability in the SetTelnetCfg function, which allows attackers to log in through telnet...

CVE-2024-31805

TOTOLINK EX200 V4.0.3c.7646B20201211 allows attackers to start the Telnet service without authorization via the telnetenabled parameter in the setTelnetCfg function...

CVE-2023-52026

TOTOlink EX1800T V9.1.0cu.2112B20220316 was discovered to contain a remote command execution RCE vulnerability via the telnetenabled parameter of the setTelnetCfg interface...

Command injection

Command Execution vulnerability in China Mobile Communications China Mobile Intelligent Home Gateway v.HG6543C4 allows a remote attacker to execute arbitrary code via the shortcuttelnet.cg component...

Level One WBR-3460A wireless ADSL router unauthorized access

Username/password is not required for telnet configuration access...

CVE-1999-1090

The default configuration of NCSA Telnet package for Macintosh and PC enables FTP, even though it does not include an "ftp=yes" line, which allows remote attackers to read and modify arbitrary files...