75 matches found
EUVD-2026-31768
A weakness has been identified in Totolink CA750-PoE 6.2c.510. This issue affects the function NTPSyncWithHost of the file /cgi-bin/cstecgi.cgi of the component Setting Handler. Executing a manipulation of the argument hosttime can lead to os command injection. The attack can be launched remotely...
CVE-2026-9456
A vulnerability was found in Totolink A8000RU 7.1cu.643b20200521. Impacted is the function setOpenVpnCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. The manipulation of the argument enabled results in os command injection. The attack can be executed remotely. The...
EUVD-2026-31677
A vulnerability was determined in Totolink A8000RU 7.1cu.643b20200521. The affected element is the function UploadFirmwareFile of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. This manipulation of the argument FileName causes os command injection. The attack is possible...
CVE-2026-9432
A security flaw has been discovered in Totolink A8000RU 7.1cu.643b20200521. This vulnerability affects the function setWiFiAdvancedCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. The manipulation of the argument bgProtection results in os command injection. The...
CVE-2026-9406
A weakness has been identified in Totolink A8000RU 7.1cu.643b20200521. Affected is the function setRemoteCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Executing a manipulation of the argument enable can lead to os command injection. The attack can be executed...
TOTOLINK CA750-PoE 操作系统命令注入漏洞
The TOTOLINK CA750-PoE is a wireless network access device from China's Gion Electronics TOTOLINK. The Totolink CA750-PoE version 6.2c.510 suffers from an OS command injection vulnerability, which originates from an os command injection in the operation of the parameter webWlanIdx by the...
PT-2026-43099
A weakness has been identified in Totolink A8000RU 7.1cu.643 b20200521. Impacted is the function setParentalRules of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Executing a manipulation of the argument enable can lead to os command injection. The attack may be perform...
PT-2026-43157
Name of the Vulnerable Software and Affected Versions Totolink CA750-PoE version 6.2c.510 Description An OS command injection issue exists in the Setting Handler component. The setNetworkDiag function within the '/cgi-bin/cstecgi.cgi' endpoint fails to properly sanitize several arguments, allowin...
EUVD-2026-31606
A weakness has been identified in Totolink A8000RU 7.1cu.643b20200521. Affected is the function setRemoteCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Executing a manipulation of the argument enable can lead to os command injection. The attack can be executed...
CVE-2026-9388
A weakness has been identified in Totolink A8000RU 7.1cu.643b20200521. The impacted element is the function setScheduleCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Executing a manipulation of the argument mode can lead to os command injection. It is possible to...
CVE-2026-9384
A vulnerability was found in Totolink A8000RU 7.1cu.643b20200521. This vulnerability affects the function setDiagnosisCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. The manipulation of the argument ip results in os command injection. The attack can be executed...
CVE-2026-7719
A security flaw has been discovered in Totolink WA300 5.2cu.7112B20190227. The affected element is the function loginauth of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument httphost results in buffer overflow. The attack may be launched...
CVE-2026-7750 Totolink N300RH POST Request cstecgi.cgi setMacFilterRules buffer overflow
A vulnerability was detected in Totolink N300RH 3.2.4-B20220812. This vulnerability affects the function setMacFilterRules of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument macaddress results in buffer overflow. The attack may be launched...
CVE-2026-7152
A vulnerability was identified in Totolink A8000RU 7.1cu.643b20200521. The affected element is the function setTelnetCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument telnetenabled leads to os command injection. It is possible to launch the attac...
CVE-2026-7137 Totolink A8000RU CGI cstecgi.cgi setStorageCfg os command injection
A security vulnerability has been detected in Totolink A8000RU 7.1cu.643b20200521. This affects the function setStorageCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument sambaEnabled leads to os command injection. Remote exploitation of the attack ...
CVE-2026-7137
A security vulnerability has been detected in Totolink A8000RU 7.1cu.643b20200521. This affects the function setStorageCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument sambaEnabled leads to os command injection. Remote exploitation of the attack ...
PT-2026-35520
A vulnerability was identified in Totolink A8000RU 7.1cu.643 b20200521. The affected element is the function setTelnetCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument telnet enabled leads to os command injection. It is possible to launch the...
PT-2026-35452
A vulnerability was detected in Totolink A8000RU 7.1cu.643 b20200521. This vulnerability affects the function setNtpCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument tz results in os command injection. The attack can be executed remotely. The...
EUVD-2026-25255
An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557B20221024 allowing attackers to execute arbitrary commands via the dhcpMtu parameter to /cgi-bin/cstecgi.cgi...
CVE-2026-31164
An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557B20221024 allowing attackers to execute arbitrary commands via the pppoeMtu parameter to /cgi-bin/cstecgi.cgi...