Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

70888 matches found

ATTACKERKB
ATTACKERKBadded 2026/04/27 4:0 p.m.5 views

CVE-2026-7138

A vulnerability was detected in Totolink A8000RU 7.1cu.643b20200521. This vulnerability affects the function setNtpCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument tz results in os command injection. The attack can be executed remotely. The explo...

10CVSS5.2AI score0.01766EPSS
Exploits0References5Affected Software1
CVE
CVEadded 2026/04/27 4:0 p.m.16 views

CVE-2026-7138

Totolink A8000RU vulnerability CVE-2026-7138 affects the CGI Handler: file /cgi-bin/cstecgi.cgi, function setNtpCfg. Manipulating the tz argument leads to OS command injection with a remote attack path. Public exploit is indicated in the sources. No specific patch/version details or mitigations a...

10CVSS8.3AI score0.01766EPSS
Exploits0References5
Vulnrichment
Vulnrichmentadded 2026/04/27 3:45 p.m.4 views

CVE-2026-7137 Totolink A8000RU CGI cstecgi.cgi setStorageCfg os command injection

A security vulnerability has been detected in Totolink A8000RU 7.1cu.643b20200521. This affects the function setStorageCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument sambaEnabled leads to os command injection. Remote exploitation of the attack ...

10CVSS8.2AI score0.01766EPSS
Exploits0References5
ATTACKERKB
ATTACKERKBadded 2026/04/27 3:45 p.m.3 views

CVE-2026-7137

A security vulnerability has been detected in Totolink A8000RU 7.1cu.643b20200521. This affects the function setStorageCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument sambaEnabled leads to os command injection. Remote exploitation of the attack ...

10CVSS5.2AI score0.01766EPSS
Exploits0References5Affected Software1
EUVD
EUVDadded 2026/04/27 3:45 p.m.5 views

EUVD-2026-25875

A security vulnerability has been detected in Totolink A8000RU 7.1cu.643b20200521. This affects the function setStorageCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument sambaEnabled leads to os command injection. Remote exploitation of the attack ...

10CVSS8.2AI score0.01766EPSS
Exploits0References5
Cvelist
Cvelistadded 2026/04/27 3:45 p.m.24 views

CVE-2026-7137 Totolink A8000RU CGI cstecgi.cgi setStorageCfg os command injection

A security vulnerability has been detected in Totolink A8000RU 7.1cu.643b20200521. This affects the function setStorageCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument sambaEnabled leads to os command injection. Remote exploitation of the attack ...

10CVSS0.01766EPSS
Exploits0References5
CVE
CVEadded 2026/04/27 3:45 p.m.17 views

CVE-2026-7137

Totolink A8000RU 7.1cu.643_b20200521 is affected in CGI Handler (cgi-bin/cstecgi.cgi) via setStorageCfg. The vulnerability stems from manipulating the sambaEnabled argument, causing an OS command injection that enables remote exploitation. The exploit has been publicly disclosed, indicating pract...

10CVSS8.2AI score0.01766EPSS
Exploits0References5
Vulnrichment
Vulnrichmentadded 2026/04/27 3:30 p.m.4 views

CVE-2026-7136 Totolink A8000RU CGI cstecgi.cgi setDmzCfg os command injection

A weakness has been identified in Totolink A8000RU 7.1cu.643b20200521. Affected by this issue is the function setDmzCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Executing a manipulation of the argument wanIdx can lead to os command injection. The attack may be launched...

10CVSS8.2AI score0.01766EPSS
Exploits0References5
EUVD
EUVDadded 2026/04/27 3:30 p.m.7 views

EUVD-2026-25874

A weakness has been identified in Totolink A8000RU 7.1cu.643b20200521. Affected by this issue is the function setDmzCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Executing a manipulation of the argument wanIdx can lead to os command injection. The attack may be launched...

10CVSS8.3AI score0.01766EPSS
Exploits0References5
ATTACKERKB
ATTACKERKBadded 2026/04/27 3:30 p.m.2 views

CVE-2026-7136

A weakness has been identified in Totolink A8000RU 7.1cu.643b20200521. Affected by this issue is the function setDmzCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Executing a manipulation of the argument wanIdx can lead to os command injection. The attack may be launched...

10CVSS5.2AI score0.01766EPSS
Exploits0References5Affected Software1
Cvelist
Cvelistadded 2026/04/27 3:30 p.m.26 views

CVE-2026-7136 Totolink A8000RU CGI cstecgi.cgi setDmzCfg os command injection

A weakness has been identified in Totolink A8000RU 7.1cu.643b20200521. Affected by this issue is the function setDmzCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Executing a manipulation of the argument wanIdx can lead to os command injection. The attack may be launched...

10CVSS0.01766EPSS
Exploits0References5
CVE
CVEadded 2026/04/27 3:30 p.m.9 views

CVE-2026-7136

CVE-2026-7136 affects Totolink A8000RU, version 7.1cu.643_b20200521. Vulnerable component: CGI Handler, file /cgi-bin/cstecgi.cgi, function setDmzCfg. Manipulating the wanIdx argument can cause an OS command injection. Exploit can be launched remotely and public exploits exist. Documents consiste...

10CVSS8.2AI score0.01766EPSS
Exploits0References5
RedHat Linux
RedHat Linuxadded 2026/04/27 3:6 p.m.23 views

python: cpython: Python: Arbitrary code execution via command injection in webbrowser.open() API

A flaw was found in the Python webbrowser.open API. If a specially crafted URL containing "%action" is processed, an attacker could bypass a previous mitigation for CVE-2026-4519. This bypass allows for command injection into the underlying shell, potentially leading to arbitrary code execution...

7CVSS5.9AI score0.00216EPSS
Exploits0References7
RedHat Linux
RedHat Linuxadded 2026/04/27 3:0 p.m.5 views

python: cpython: Python: Arbitrary code execution via command injection in webbrowser.open() API

A flaw was found in the Python webbrowser.open API. If a specially crafted URL containing "%action" is processed, an attacker could bypass a previous mitigation for CVE-2026-4519. This bypass allows for command injection into the underlying shell, potentially leading to arbitrary code execution...

7CVSS5AI score0.00216EPSS
Exploits0References7
RedhatCVE
RedhatCVEadded 2026/04/27 1:22 p.m.10 views

CVE-2026-6980

A vulnerability has been found in Divyanshu-hash GitPilot-MCP up to 9ed9f153ba4158a2ad230ee4871b25130da29ffd. This impacts the function repopath of the file main.py. Such manipulation of the argument command leads to command injection. The attack can be launched remotely. The exploit has been...

7.5CVSS7AI score0.01694EPSS
Exploits0References1
NVD
NVDadded 2026/04/27 1:16 p.m.5 views

CVE-2026-7123

A vulnerability was found in Totolink A8000RU 7.1cu.643b20200521. Affected is the function setIptvCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Performing a manipulation of the argument setIptvCfg results in os command injection. The attack can be initiated remotely. The...

10CVSS0.01766EPSS
Exploits0References5
NVD
NVDadded 2026/04/27 1:16 p.m.6 views

CVE-2026-7124

A vulnerability was determined in Totolink A8000RU 7.1cu.643b20200521. Affected by this vulnerability is the function setIpv6LanCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Executing a manipulation of the argument addrPrefixLen can lead to os command injection. The attack ca...

10CVSS0.01766EPSS
Exploits0References5
ATTACKERKB
ATTACKERKBadded 2026/04/27 12:45 p.m.5 views

CVE-2026-7125

A vulnerability was identified in Totolink A8000RU 7.1cu.643b20200521. Affected by this issue is the function setWiFiEasyCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument merge leads to os command injection. The attack may be initiated remotely. T...

10CVSS8.3AI score0.01766EPSS
Exploits0References5Affected Software1
EUVD
EUVDadded 2026/04/27 12:45 p.m.3 views

EUVD-2026-25843

A vulnerability was identified in Totolink A8000RU 7.1cu.643b20200521. Affected by this issue is the function setWiFiEasyCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument merge leads to os command injection. The attack may be initiated remotely. T...

10CVSS8.3AI score0.01766EPSS
Exploits0References5
Vulnrichment
Vulnrichmentadded 2026/04/27 12:45 p.m.3 views

CVE-2026-7125 Totolink A8000RU CGI cstecgi.cgi setWiFiEasyCfg os command injection

A vulnerability was identified in Totolink A8000RU 7.1cu.643b20200521. Affected by this issue is the function setWiFiEasyCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument merge leads to os command injection. The attack may be initiated remotely. T...

10CVSS8.3AI score0.01766EPSS
Exploits0References5
Rows per page
Query Builder