EUVD-2026-31760

A vulnerability was identified in Totolink CA750-PoE 6.2c.510. This affects the function setWebWlanIdx of the file /cgi-bin/cstecgi.cgi of the component Setting Handler. Such manipulation of the argument webWlanIdx leads to os command injection. It is possible to launch the attack remotely. The...

PT-2026-36749

Name of the Vulnerable Software and Affected Versions Totolink WA300 version 5.2cu.7112 B20190227 Description An issue exists in the POST Request Handler component where the manipulation of the webWlanIdx argument in the setWebWlanIdx function of the '/cgi-bin/cstecgi.cgi' endpoint allows for...

CVE-2026-3301

A security flaw has been discovered in Totolink N300RH 6.1c.1353B20190305. Affected by this vulnerability is the function setWebWlanIdx of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Performing a manipulation of the argument webWlanIdx results in os command injection...

CVE-2026-3301 Totolink N300RH Web Management cstecgi.cgi setWebWlanIdx os command injection

A security flaw has been discovered in Totolink N300RH 6.1c.1353B20190305. Affected by this vulnerability is the function setWebWlanIdx of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Performing a manipulation of the argument webWlanIdx results in os command injection...

EUVD-2025-12271

Malicious code in bioql PyPI...

EUVD-2024-34686

Malicious code in bioql PyPI...

EUVD-2022-32937

Malicious code in bioql PyPI...

CVE-2022-28909

TOTOLink N600R V5.3c.7159B20190425 was discovered to contain a command injection vulnerability via the webwlanidx parameter in /setting/setWebWlanIdx...

The vulnerability of the setWebWlanIdx function in the microprogramming software of TOTOLINK EX1200T routers allows a hacker to execute arbitrary code by manipulating the webWlanIdx parameter.

The vulnerability of the setWebWlanIdx function in TOTOLINK EX1200T router microprogramming systems exists due to the lack of measures to neutralize specific elements. Exploiting this vulnerability allows a remote attacker to execute arbitrary code by manipulating the webWlanIdx parameter...

CVE-2025-44847

TOTOLINK CA600-PoE V5.3c.6665B20180820 was found to contain a command injection vulnerability in the setWebWlanIdx function via the webWlanIdx parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request...

CVE-2025-44847

TOTOLINK CA600-PoE V5.3c.6665B20180820 was found to contain a command injection vulnerability in the setWebWlanIdx function via the webWlanIdx parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request...

CVE-2025-44847

CVE-2025-44847 affects TOTOLINK CA600-PoE, specifically version 5.3c.6665_B20180820. The root cause is a command injection vulnerability in the setWebWlanIdx function triggered by the webWlanIdx parameter, allowing an attacker to execute arbitrary commands via a crafted request. CVSS metrics (rep...

TOTOLINK EX1200T Command Execution Vulnerability

The TOTOLINK EX1200T is a wireless router from TOTOLINK that offers convenient network connectivity and management features. The TOTOLINK EX1200T suffers from a command execution vulnerability that originates from the presence of a pre-authenticated remote command execution of the webWlanIdx...

CVE-2025-28038

TOTOLINK EX1200T V4.1.2cu.5232B20210713 was found to contain a pre-auth remote command execution vulnerability in the setWebWlanIdx function through the webWlanIdx parameter...

CVE-2025-28038

TOTOLINK EX1200T V4.1.2cu.5232B20210713 was found to contain a pre-auth remote command execution vulnerability in the setWebWlanIdx function through the webWlanIdx parameter...

TOTOLINK EX1200T 安全漏洞

The TOTOLINK EX1200T is a wireless router from TOTOLINK that offers convenient network connectivity and management features. The TOTOLINK EX1200T suffers from a command execution vulnerability that originates from the presence of a pre-authenticated remote command execution of the webWlanIdx...

CVE-2025-28038

TOTOLINK EX1200T V4.1.2cu.5232B20210713 was found to contain a pre-auth remote command execution vulnerability in the setWebWlanIdx function through the webWlanIdx parameter...

CVE-2025-28038

TOTOLINK EX1200T V4.1.2cu.5232B20210713 was found to contain a pre-auth remote command execution vulnerability in the setWebWlanIdx function through the webWlanIdx parameter...

The vulnerability of the setWebWlanIdx() function in TOTOLINK CP900 router microprogramming software allows a intruder to execute arbitrary commands.

The vulnerability of the setWebWlanIdx function in TOTOLINK CP900 router microprogramming software lies in the lack of measures taken to neutralize special elements during the processing of the webWlanIdx parameter. Exploiting this vulnerability allows a remote attacker to execute arbitrary...

CVE-2024-34206

TOTOLINK outdoor CPE CP450 v4.1.0cu.747B20191224 was discovered to contain a command injection vulnerability in the setWebWlanIdx function via the webWlanIdx parameter...