TOTOLINK A8000RU 操作系统命令注入漏洞

The TOTOLINK A8000RU is a wireless router produced by TOTOLINK, a Chinese company. The Totolink A8000RU 7.1cu.643b20200521 version has a vulnerability related to operating system command injection. This vulnerability stems from improper handling of the command parameter in the setTracerouteCfg...

CVE-2026-6131

A vulnerability was found in Totolink A7100RU 7.4cu.2313b20191024. Affected by this vulnerability is the function setTracerouteCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument command results in os command injection. The attack may be launched...

PT-2026-32189

Name of the Vulnerable Software and Affected Versions Totolink A7100RU version 7.4cu.2313 b20191024 Description A vulnerability exists in the Totolink A7100RU version 7.4cu.2313 b20191024. The setTracerouteCfg function within the /cgi-bin/cstecgi.cgi component CGI Handler is susceptible to OS...

CVE-2026-1150

A security flaw has been discovered in Totolink LR350 9.3.5u.6369B20220309. Impacted is the function setTracerouteCfg of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument command results in command injection. The attack can be launched remotely...

CVE-2025-7525

A vulnerability was found in TOTOLINK T6 4.1.5cu.748B20211015. It has been declared as critical. This vulnerability affects the function setTracerouteCfg of the file /cgi-bin/cstecgi.cgi of the component HTTP POST Request Handler. The manipulation of the argument command leads to command injectio...

CVE-2024-8078

A vulnerability was found in TOTOLINK AC1200 T8 4.1.5cu.862B20230228. It has been declared as critical. This vulnerability affects the function setTracerouteCfg. The manipulation leads to buffer overflow. The attack can be initiated remotely. NOTE: The vendor was contacted early about this...

CVE-2024-8078

CVE-2024-8078 affects TOTOLINK AC1200 T8, version 4.1.5cu.862_B20230228. The setTracerouteCfg function is vulnerable to a buffer overflow that can be exploited remotely. Multiple sources describe the issue as critical/high impact with potential arbitrary code execution or DoS, requiring no user i...

CVE-2024-8078 TOTOLINK AC1200 T8 setTracerouteCfg buffer overflow

A vulnerability was found in TOTOLINK AC1200 T8 4.1.5cu.862B20230228. It has been declared as critical. This vulnerability affects the function setTracerouteCfg. The manipulation leads to buffer overflow. The attack can be initiated remotely. NOTE: The vendor was contacted early about this...

CVE-2023-52028

TOTOlink A3700R v9.1.2u.5822B20200513 was discovered to contain a remote command execution RCE vulnerability via the setTracerouteCfg function...

PT-2023-28827 · Totolink · Totolink X6000R

Name of the Vulnerable Software and Affected Versions: TOTOLINK X6000R versions V9.4.0cu.652 B20230116 through V9.4.0cu.852 B20230719 Description: The issue allows a remote attacker to execute arbitrary code via the command parameter of the "setting/setTracerouteCfg" component. Recommendations: F...

CVE-2023-29798

TOTOLINK X18 V9.1.0cu.2024B20220329 was discovered to contain a command injection vulnerability via the command parameter in the setTracerouteCfg function...

TOTOLINK NR1800X setTracerouteCfg method buffer overflow vulnerability

TOTOLINK NR1800X is a 5G NR indoor Wi-Fi and SIP CPE broadband access device from China's Gion Electronics TOTOLINK, which is mainly used for the deployment of NR fixed data services in homes and offices to support 5G NR network connectivity. The TOTOLINK NR1800X suffers from a buffer overflow...

TOTOLINK A720R Code Execution Vulnerability

TOTOLINK A720R is a wireless router from China's Gion Electronics TOTOLINK with dual-band Wi-Fi capabilities, focusing on high-speed internet and signal coverage. The TOTOLINK A720R suffers from a code execution vulnerability that stems from the discovery of a remote code execution RCE...

TOTOLINK A720R 操作系统命令注入漏洞

TOTOLINK A720R is a wireless router from China's Gion Electronics TOTOLINK with dual-band Wi-Fi capabilities, focusing on high-speed internet and signal coverage. The TOTOLINK A720R suffers from a code execution vulnerability that stems from the discovery of a remote code execution RCE...

CVE-2022-37080

TOTOLINK A7000R V9.1.0u.6115B20201022 was discovered to contain a stack overflow via the command parameter at setting/setTracerouteCfg...

CVE-2022-36480

TOTOLINK N350RT V9.3.5u.6139B20201216 was discovered to contain a stack overflow via the command parameter in the function setTracerouteCfg...

CVE-2022-36463

TOTOLINK A3700R V9.1.2u.6134B20201202 was discovered to contain a stack overflow via the command parameter in the function setTracerouteCfg...

TOTOLINK N350RT 操作系统命令注入漏洞

The TOTOLINK N350RT is a small home router from China's Gion Electronics TOTOLINK. An operating system command injection vulnerability exists in the TOTOLINK N350RT version V9.3.5u.6139B20201216, which stems from a command parameter command injection issue in the setTracerouteCfg method...