CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

9784 matches found

RedhatCVE•added 2026/04/15 7:24 p.m.•1 views

CVE-2026-6112

A weakness has been identified in Totolink A7100RU 7.4cu.2313b20191024. Affected is the function setRadvdCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. This manipulation of the argument maxRtrAdvInterval causes os command injection. The attack can be initiated remotely. The...

10CVSS5.6AI score0.01766EPSS

Exploits0References1

RedhatCVE•added 2026/04/15 1:22 a.m.•4 views

CVE-2026-6139

A vulnerability has been found in Totolink A7100RU 7.4cu.2313b20191024. This affects the function UploadOpenVpnCert of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument FileName leads to os command injection. The attack can be launched remotely. The...

10CVSS7AI score0.01823EPSS

Exploits0References1

RedhatCVE•added 2026/04/14 7:22 p.m.•5 views

CVE-2026-6113

A security vulnerability has been detected in Totolink A7100RU 7.4cu.2313b20191024. Affected by this vulnerability is the function setTtyServiceCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument ttyEnable leads to os command injection. The attack...

10CVSS7AI score0.01803EPSS

Exploits0References1

RedhatCVE•added 2026/04/14 7:22 p.m.•4 views

CVE-2026-6155

A weakness has been identified in Totolink A7100RU 7.4cu.2313. The impacted element is the function setWanCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Executing a manipulation of the argument pppoeServiceName can lead to os command injection. The attack may be launched...

10CVSS7AI score0.01803EPSS

Exploits0References1

OSV•added 2026/04/14 6:1 p.m.•5 views

RLSA-2023:7025 Moderate: ruby:2.5 security update

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Security Fixes: ruby/cgi-gem: HTTP response splitting in CGI CVE-2021-33621 ruby: Buffer overrun in String-to-Float conversion CVE-2022-28739 ruby...

8.8CVSS6.8AI score0.0387EPSS

Exploits1References5

RedhatCVE•added 2026/04/14 7:22 a.m.•2 views

CVE-2026-5996

A security vulnerability has been detected in Totolink A7100RU 7.4cu.2313b20191024. The affected element is the function setAdvancedInfoShow of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument ttyserver leads to os command injection. It is possible to...

10CVSS5.5AI score0.01823EPSS

Exploits0References1

RedhatCVE•added 2026/04/14 1:22 a.m.•4 views

CVE-2026-5976

A security flaw has been discovered in Totolink A7100RU 7.4cu.2313b20191024. This affects the function setStorageCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Performing a manipulation of the argument sambaEnabled results in os command injection. It is possible to initiate th...

10CVSS5.6AI score0.01803EPSS

Exploits0References1

Tenable Nessus•added 2026/04/14 12:0 a.m.•3 views

RockyLinux 8 : ruby:2.5 (RLSA-2023:7025)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:7025 advisory. ruby/cgi-gem: HTTP response splitting in CGI CVE-2021-33621 ruby: Buffer overrun in String-to-Float conversion CVE-2022-28739 ruby: ReDoS vulnerability i...

8.8CVSS7AI score0.0387EPSS

Exploits1References9

RedhatCVE•added 2026/04/13 7:23 p.m.•4 views

CVE-2026-6115

A flaw has been found in Totolink A7100RU 7.4cu.2313b20191024. This affects the function setAppCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Executing a manipulation of the argument enable can lead to os command injection. The attack may be launched remotely. The exploit has...

10CVSS5.5AI score0.01823EPSS

Exploits0References1

EUVD•added 2026/04/13 6:30 p.m.•3 views

EUVD-2026-22036

A security vulnerability has been detected in Totolink A7100RU 7.4cu.2313b20191024. Affected by this issue is the function setPasswordCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument admpass leads to os command injection. The attack can be...

10CVSS5.6AI score0.14277EPSS

Exploits0References6

ATTACKERKB•added 2026/04/13 5:30 p.m.•4 views

CVE-2026-6195

10CVSS5.6AI score0.14277EPSS

Exploits0References5Affected Software1

Cvelist•added 2026/04/13 5:30 p.m.•53 views

CVE-2026-6195 Totolink A7100RU CGI cstecgi.cgi setPasswordCfg os command injection

10CVSS0.14277EPSS

Exploits0References5

NVD•added 2026/04/13 4:16 a.m.•3 views

CVE-2026-6156

A security vulnerability has been detected in Totolink A7100RU 7.4cu.2313b20191024. This affects the function setIpQosRules of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument Comment leads to os command injection. Remote exploitation of the attack is...

10CVSS0.01823EPSS

Exploits0References5

NVD•added 2026/04/13 4:16 a.m.•1 views

CVE-2026-6155

10CVSS0.01803EPSS

Exploits0References5

CVE•added 2026/04/13 3:15 a.m.•7 views

CVE-2026-6155

CVE-2026-6155 affects Totolink A7100RU running 7.4cu.2313. The vulnerability is in the CGI handler: function setWanCfg in file /cgi-bin/cstecgi.cgi, where manipulation of the argument pppoeServiceName can lead to an OS command injection . The attack may be launched remotely over the network, with...

10CVSS7AI score0.01803EPSS

Exploits0References5

NVD•added 2026/04/13 1:16 a.m.•3 views

CVE-2026-6139

10CVSS0.01823EPSS

Exploits0References5

NVD•added 2026/04/13 1:16 a.m.•0 views

CVE-2026-6140

A vulnerability was found in Totolink A7100RU 7.4cu.2313b20191024. This impacts the function UploadFirmwareFile of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Performing a manipulation of the argument FileName results in os command injection. The attack may be initiated remotely...

10CVSS0.02199EPSS

Exploits0References5