Lucene search
K

406 matches found

CNNVD
CNNVD
added 2026/04/13 12:0 a.m.6 views

TOTOLINK A7100RU 操作系统命令注入漏洞

The TOTOLINK A7100RU is a wireless router produced by TOTOLINK, a Chinese company. The TOTOLINK A7100RU 7.4cu.2313b20191024 version contains a vulnerability related to operating system command injection. This vulnerability arises from improper handling of the parameter “wizard” in the function...

10CVSS7.3AI score0.01823EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/04/12 10:30 p.m.2 views

CVE-2026-6132 Totolink A7100RU CGI cstecgi.cgi setLedCfg os command injection

A vulnerability was determined in Totolink A7100RU 7.4cu.2313b20191024. Affected by this issue is the function setLedCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. This manipulation of the argument enable causes os command injection. Remote exploitation of the attack is...

10CVSS5.5AI score0.02175EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/04/12 3:0 a.m.38 views

CVE-2026-6113 Totolink A7100RU CGI cstecgi.cgi setTtyServiceCfg os command injection

A security vulnerability has been detected in Totolink A7100RU 7.4cu.2313b20191024. Affected by this vulnerability is the function setTtyServiceCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument ttyEnable leads to os command injection. The attack...

10CVSS0.01803EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/04/12 12:0 a.m.8 views

TOTOLINK A7100RU 操作系统命令注入漏洞

The TOTOLINK A7100RU is a wireless router produced by TOTOLINK, a Chinese company. The Totolink A7100RU 7.4cu.2313b20191024 version has a vulnerability related to operating system command injection. This vulnerability stems from the improper handling of the parameter “ip” in the setDiagnosisCfg...

10CVSS7.3AI score0.01803EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/04/12 12:0 a.m.3 views

PT-2026-32190

Name of the Vulnerable Software and Affected Versions Totolink A7100RU version 7.4cu.2313 b20191024 Description A flaw exists in the CGI Handler component of the Totolink A7100RU router. Specifically, the setLedCfg function within the /cgi-bin/cstecgi.cgi file is susceptible to OS command injecti...

10CVSS7.2AI score0.02175EPSS
Exploits0References11
CNNVD
CNNVD
added 2026/04/12 12:0 a.m.7 views

TOTOLINK A7100RU 操作系统命令注入漏洞

The TOTOLINK A7100RU is a wireless router produced by TOTOLINK, a Chinese company. The Totolink A7100RU 7.4cu.2313b20191024 version has a vulnerability related to operating system command injection. This vulnerability stems from an improper handling of the parameter maxRtrAdvInterval in the...

10CVSS7.3AI score0.01766EPSS
Exploits0References5
NVD
NVD
added 2026/04/10 7:16 a.m.7 views

CVE-2026-6028

A security vulnerability has been detected in Totolink A7100RU 7.4cu.2313b20191024. Impacted is the function setPptpServerCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument enable leads to os command injection. The attack may be initiated remotely...

10CVSS0.02981EPSS
Exploits0References5
CVE
CVE
added 2026/04/10 12:45 a.m.13 views

CVE-2026-5995

The CVE affects Totolink A7100RU (firmware 7.4cu.2313_b20191024). The vulnerable component is /cgi-bin/cstecgi.cgi, function setMiniuiHomeInfoShow, where manipulating the lan_info argument enables OS command injection. Impact is described as high for confidentiality, integrity, and availability, ...

10CVSS6.9AI score0.01823EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/04/10 12:30 a.m.32 views

CVE-2026-5994 Totolink A7100RU CGI cstecgi.cgi setTelnetCfg os command injection

A security flaw has been discovered in Totolink A7100RU 7.4cu.2313b20191024. This issue affects the function setTelnetCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Performing a manipulation of the argument telnetenabled results in os command injection. The attack is possible ...

10CVSS0.01803EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/04/10 12:0 a.m.4 views

PT-2026-31835

Name of the Vulnerable Software and Affected Versions Totolink A7100RU version 7.4cu.2313 b20191024 Description A weakness exists in the Totolink A7100RU version 7.4cu.2313 b20191024. The setMiniuiHomeInfoShow function within the /cgi-bin/cstecgi.cgi file of the CGI Handler component is affected...

10CVSS7.2AI score0.01823EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2026/04/10 12:0 a.m.6 views

PT-2026-31884

Name of the Vulnerable Software and Affected Versions Totolink A7100RU version 7.4cu.2313 b20191024 Description A weakness exists in the Totolink A7100RU router. The issue affects the setUrlFilterRules function within the /cgi-bin/cstecgi.cgi file of the CGI Handler component. Manipulation of the...

10CVSS7.2AI score0.02499EPSS
Exploits0References10
Cvelist
Cvelist
added 2026/04/09 8:15 p.m.28 views

CVE-2026-5977 Totolink A7100RU CGI cstecgi.cgi setWiFiBasicCfg os command injection

A weakness has been identified in Totolink A7100RU 7.4cu.2313b20191024. This impacts the function setWiFiBasicCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Executing a manipulation of the argument wifiOff can lead to os command injection. It is possible to launch the attack...

10CVSS0.02114EPSS
Exploits0References5
CNVD
CNVD
added 2026/04/08 12:0 a.m.4 views

Totolink A3300R Command Injection Vulnerability (CNVD-2026-16680)

Totolink A3300R is a wireless router product from Totolink. A command injection vulnerability exists in the Totolink A3300R version 17.0.0cu.557b20221024, which stems from improper handling of the qosupbw parameter in the setSmartQosCfg function of the /cgi-bin/cstecgi.cgi file in its parameter...

8.8CVSS6.8AI score0.02164EPSS
Exploits1
Vulnrichment
Vulnrichment
added 2026/04/07 2:22 p.m.1 views

CVE-2026-33034 Potential denial-of-service vulnerability in ASGI requests via memory upload limit bypass

An issue was discovered in 6.0 before 6.0.4, 5.2 before 5.2.13, and 4.2 before 4.2.30. ASGI requests with a missing or understated Content-Length header could bypass the DATAUPLOADMAXMEMORYSIZE limit when reading HttpRequest.body, allowing remote attackers to load an unbounded request body into...

5.9AI score0.00769EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/04/07 12:0 a.m.9 views

Django 安全漏洞

Django is a set of open-source web frameworks based on the Python language, developed by the Django Foundation. This framework includes an object-oriented mapper, view system, template system, etc. Versions of Django prior to 6.0.4, 5.2.13, and 4.2.30 contained security vulnerabilities. These...

7.5CVSS5.8AI score0.00436EPSS
Exploits0References3
GithubExploit
GithubExploit
added 2026/04/03 5:15 p.m.217 views

Exploit for OS Command Injection in Php

CVE-2024-4577 Python Exploit Toolkit A Python toolkit for exp...

9.8CVSS6.5AI score0.99987EPSS
Exploits64
OSV
OSV
added 2026/04/03 3:2 a.m.11 views

GHSA-HR8G-2Q7X-3F4W OpenClaw Has a Gateway Control Interface Information Disclosure Vulnerability

Summary OpenClaw Gateway Control Interface Information Disclosure Vulnerability Current Maintainer Triage - Status: narrow - Normalized severity: low - Assessment: Released Control UI bootstrap JSON did expose version and assistant agent id, but that is low-severity fingerprinting or info...

6.9CVSS5.9AI score0.00297EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/03/26 3:15 p.m.7 views

CVE-2026-4197

A vulnerability was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. Affected is the function...

9.8CVSS6.2AI score0.16779EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:14 p.m.5 views

CVE-2026-4468

A vulnerability was determined in Comfast CF-AC100 2.6.0.8. Affected is an unknown function of the file /cgi-bin/mbox-config?method=SET=updateinterfacepng. This manipulation causes command injection. The attack is possible to be carried out remotely. The exploit has been publicly disclosed and ma...

5.8CVSS5.5AI score0.02097EPSS
Exploits0References1
OSV
OSV
added 2026/03/26 10:36 a.m.6 views

SUSE-SU-2026:1062-1 Security update for python310

This update for python310 fixes the following issues: Update to Python 3.10.20: - CVE-2025-6075: quadratic complexity in os.path.expandvars bsc1252974. - CVE-2025-11468: header injection with carefully crafted inputs bsc1257029. - CVE-2025-12084: quadratic complexity in xml.minidom node ID cache...

7.5CVSS7AI score0.01525EPSS
Exploits0References19
Rows per page
Query Builder