CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedhatCVE•added 2026/06/05 7:19 p.m.•8 views

CVE-2026-5997

A vulnerability was detected in Totolink A7100RU 7.4cu.2313b20191024. The impacted element is the function setLoginPasswordCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument admpass results in os command injection. It is possible to launch the atta...

10CVSS7.5AI score0.01803EPSS

RedhatCVE•added 2026/06/05 7:18 p.m.•5 views

CVE-2026-9543

A vulnerability has been found in Totolink N300RH 6.1c.1353B20190305. Affected is the function setPasswordCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Such manipulation of the argument admpass leads to os command injection. The attack can be executed remotely. T...

10CVSS7.4AI score0.02133EPSS

RedhatCVE•added 2026/06/05 7:18 p.m.•6 views

CVE-2026-6195

A security vulnerability has been detected in Totolink A7100RU 7.4cu.2313b20191024. Affected by this issue is the function setPasswordCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument admpass leads to os command injection. The attack can be...

10CVSS7.4AI score0.14277EPSS

NVD•added 2026/05/26 2:16 p.m.•12 views

CVE-2026-9543

10CVSS0.02133EPSS

Vulnrichment•added 2026/05/26 12:30 p.m.•7 views

CVE-2026-9543 Totolink N300RH Web Management cstecgi.cgi setPasswordCfg os command injection

ATTACKERKB•added 2026/05/26 12:30 p.m.•12 views

CVE-2026-9543

Exploits0References5Affected Software1

EUVD•added 2026/05/26 12:30 p.m.•9 views

EUVD-2026-31816

CVE•added 2026/05/26 12:30 p.m.•14 views

CVE-2026-9543

CVE-2026-9543 - Totolink N300RH is affected through the Web Management Interface file /cgi-bin/cstecgi.cgi, function setPasswordCfg. Manipulating the argument admpass enables an OS command injection, allowing remote execution. Public exploit details exist, with HIGH impact on confidentiality, int...

Positive Technologies•added 2026/05/26 12:0 a.m.•12 views

PT-2026-43248

A vulnerability has been found in Totolink N300RH 6.1c.1353 B20190305. Affected is the function setPasswordCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Such manipulation of the argument admpass leads to os command injection. The attack can be executed remotely...

NVD•added 2026/05/25 11:16 p.m.•14 views

Exploits0References6

CVE-2026-9512

A security flaw has been discovered in Totolink CA750-PoE 6.2c.510. This vulnerability affects the function setPasswordCfg of the file /cgi-bin/cstecgi.cgi of the component Setting Handler. Performing a manipulation of the argument admuser/admpass results in os command injection. The attack can b...

6.5CVSS0.01057EPSS

ATTACKERKB•added 2026/05/25 10:15 p.m.•6 views

CVE-2026-9512

6.5CVSS6.4AI score0.01057EPSS

Exploits0References5Affected Software1

CVE•added 2026/05/25 10:15 p.m.•19 views

CVE-2026-9512

CVE-2026-9512 affects Totolink CA750-PoE (firmware 6.2c.510) in the Setting Handler’s /cgi-bin/cstecgi.cgi, where manipulating the admuser/admpass arguments enables an os command injection in the setPasswordCfg function. The issue is remotely exploitable and, per the metrics, has an in-the-wild p...

6.5CVSS6.4AI score0.01057EPSS

NVD•added 2026/05/25 5:16 p.m.•15 views

CVE-2026-9476

A vulnerability was identified in Totolink A8000RU 7.1cu.643b20200521. This vulnerability affects the function setPasswordCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Such manipulation of the argument admpass leads to os command injection. The attack can be...

10CVSS0.01909EPSS

Cvelist•added 2026/05/25 5:0 p.m.•21 views

CVE-2026-9476 Totolink A8000RU Web Management cstecgi.cgi setPasswordCfg os command injection

10CVSS0.01909EPSS

CVE•added 2026/05/25 5:0 p.m.•18 views

CVE-2026-9476

Totolink A8000RU Web Management (firmware 7.1cu.643_b20200521) is affected via the /cgi-bin/cstecgi.cgi function setPasswordCfg. Manipulating the admpass parameter enables remote command injection, compromising confidentiality, integrity, and availability. Publicly available exploit exists, indic...

10CVSS7.1AI score0.01909EPSS

EUVD•added 2026/05/25 5:0 p.m.•11 views

EUVD-2026-31709

10CVSS7.1AI score0.01909EPSS

Positive Technologies•added 2026/05/25 12:0 a.m.•12 views

PT-2026-43091

A vulnerability was identified in Totolink A8000RU 7.1cu.643 b20200521. This vulnerability affects the function setPasswordCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Such manipulation of the argument admpass leads to os command injection. The attack can be...

10CVSS7.1AI score0.01909EPSS

CNNVD•added 2026/05/25 12:0 a.m.•7 views

TOTOLINK A8000RU 操作系统命令注入漏洞

The TOTOLINK A8000RU is a wireless router from China's Gion Electronics TOTOLINK. An OS command injection vulnerability exists in TOTOLINK A8000RU version 7.1cu.643b20200521, which originates from the operation of the function setPasswordCfg on the parameter admpass in the Web Management Interfac...

10CVSS7.3AI score0.01909EPSS

Exploits0References6

CNNVD•added 2026/05/25 12:0 a.m.•7 views

TOTOLINK CA750-PoE 操作系统命令注入漏洞

The TOTOLINK CA750-PoE is a wireless network access device from China-based TOTOLINK Electronics TOTOLINK. An OS command injection vulnerability exists in TOTOLINK CA750-PoE version 6.2c.510, which originates from an OS command injection in the Setting Handler component of the setPasswordCfg...

6.5CVSS6.6AI score0.01057EPSS