CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

EUVD•added 2026/04/27 4:15 p.m.•5 views

EUVD-2026-25878

A flaw has been found in Totolink A8000RU 7.1cu.643b20200521. This issue affects the function setWiFiAclRules of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. This manipulation of the argument mode causes os command injection. The attack is possible to be carried out remotely. The...

10CVSS5.2AI score0.01766EPSS

EUVD•added 2026/04/27 3:45 p.m.•3 views

EUVD-2026-25875

NVD•added 2026/04/27 1:16 p.m.•5 views

CVE-2026-7124

A vulnerability was determined in Totolink A8000RU 7.1cu.643b20200521. Affected by this vulnerability is the function setIpv6LanCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Executing a manipulation of the argument addrPrefixLen can lead to os command injection. The attack ca...

10CVSS0.01766EPSS

ATTACKERKB•added 2026/04/27 12:30 p.m.•3 views

CVE-2026-7124

CVE•added 2026/04/27 12:15 p.m.•9 views

CVE-2026-7123

CVE-2026-7123 affects Totolink A8000RU (firmware 7.1cu.643_b20200521) CGI Handler, specifically the file /cgi-bin/cstecgi.cgi function setIptvCfg. The vulnerability is a remote OS command injection caused by manipulation of the setIptvCfg argument. Public exploits exist, enabling remote attackers...

ATTACKERKB•added 2026/04/27 12:15 p.m.•2 views

CVE-2026-7123

A vulnerability was found in Totolink A8000RU 7.1cu.643b20200521. Affected is the function setIptvCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Performing a manipulation of the argument setIptvCfg results in os command injection. The attack can be initiated remotely. The...

Cvelist•added 2026/04/27 12:0 p.m.•26 views

CVE-2026-7122 Totolink A8000RU CGI cstecgi.cgi setUPnPCfg os command injection

A vulnerability has been found in Totolink A8000RU 7.1cu.643b20200521. This impacts the function setUPnPCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument enable leads to os command injection. It is possible to launch the attack remotely. The...

10CVSS0.01766EPSS

EUVD•added 2026/04/27 11:45 a.m.•6 views

EUVD-2026-25835

A flaw has been found in Totolink A8000RU 7.1cu.643b20200521. This affects the function setWizardCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. This manipulation of the argument wizard causes os command injection. It is possible to initiate the attack remotely. The exploit has...

10CVSS8.2AI score0.01947EPSS

CNNVD•added 2026/04/27 12:0 a.m.•7 views

TOTOLINK A8000RU 命令注入漏洞

The TOTOLINK A8000RU is a wireless router produced by TOTOLINK Corporation. The Totolink A8000RU 7.1cu.643b20200521 version contains a command injection vulnerability. This vulnerability stems from the setUPnPCfg function in the CGI Handler component/cgi-bin/cstecgi.cgi file, which processes the...

10CVSS7.3AI score0.01766EPSS

Exploits0References2

Positive Technologies•added 2026/04/27 12:0 a.m.•6 views

PT-2026-35520

A vulnerability was identified in Totolink A8000RU 7.1cu.643 b20200521. The affected element is the function setTelnetCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument telnet enabled leads to os command injection. It is possible to launch the...

10CVSS8.4AI score0.01766EPSS

Exploits0References8

Positive Technologies•added 2026/04/27 12:0 a.m.•2 views

PT-2026-35525

A security vulnerability has been detected in Totolink A8000RU 7.1cu.643 b20200521. This impacts the function setLoginPasswordCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument admpass leads to os command injection. The attack may be initiated...

NVD•added 2026/04/26 12:16 p.m.•7 views

Exploits0References6

CVE-2026-7037

A security flaw has been discovered in Totolink A8000RU 7.1cu.643b20200521. This issue affects the function setVpnPassCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument pptpPassThru results in os command injection. The attack can be executed...

10CVSS0.01785EPSS

ATTACKERKB•added 2026/04/26 11:45 a.m.•2 views

CVE-2026-7037

10CVSS8.2AI score0.01785EPSS

Vulnrichment•added 2026/04/26 11:45 a.m.•2 views

CVE-2026-7037 Totolink A8000RU CGI cstecgi.cgi setVpnPassCfg os command injection

10CVSS8.2AI score0.01785EPSS

RedhatCVE•added 2026/04/15 7:24 p.m.•1 views

CVE-2026-6112

A weakness has been identified in Totolink A7100RU 7.4cu.2313b20191024. Affected is the function setRadvdCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. This manipulation of the argument maxRtrAdvInterval causes os command injection. The attack can be initiated remotely. The...

10CVSS5.6AI score0.01766EPSS

Exploits0References1

RedhatCVE•added 2026/04/14 7:22 a.m.•2 views

CVE-2026-5996

A security vulnerability has been detected in Totolink A7100RU 7.4cu.2313b20191024. The affected element is the function setAdvancedInfoShow of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument ttyserver leads to os command injection. It is possible to...

10CVSS5.5AI score0.01823EPSS

Exploits0References1

RedhatCVE•added 2026/04/14 1:22 a.m.•4 views

CVE-2026-5976

A security flaw has been discovered in Totolink A7100RU 7.4cu.2313b20191024. This affects the function setStorageCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Performing a manipulation of the argument sambaEnabled results in os command injection. It is possible to initiate th...

10CVSS5.6AI score0.01803EPSS

Exploits0References1

EUVD•added 2026/04/13 6:30 p.m.•3 views

EUVD-2026-22036

A security vulnerability has been detected in Totolink A7100RU 7.4cu.2313b20191024. Affected by this issue is the function setPasswordCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument admpass leads to os command injection. The attack can be...

10CVSS5.6AI score0.14277EPSS

Exploits0References6

ATTACKERKB•added 2026/04/13 5:30 p.m.•4 views

CVE-2026-6195

10CVSS5.6AI score0.14277EPSS