Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

20 matches found

RedhatCVE
RedhatCVEadded 2026/04/27 7:23 p.m.1 views

CVE-2026-7037

A security flaw has been discovered in Totolink A8000RU 7.1cu.643b20200521. This issue affects the function setVpnPassCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument pptpPassThru results in os command injection. The attack can be executed...

10CVSS8.2AI score0.01221EPSS
Exploits0References1
EUVD
EUVDadded 2026/04/26 11:45 a.m.0 views

EUVD-2026-25713

A security flaw has been discovered in Totolink A8000RU 7.1cu.643b20200521. This issue affects the function setVpnPassCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument pptpPassThru results in os command injection. The attack can be executed...

10CVSS5.2AI score0.01221EPSS
Exploits0References5
CVE
CVEadded 2026/04/26 11:45 a.m.3 views

CVE-2026-7037

Totolink A8000RU 7.1cu.643_b20200521 is affected by a vulnerability in the CGI Handler at /cgi-bin/cstecgi.cgi, function setVpnPassCfg. Manipulation of the pptpPassThru argument enables OS command injection, with remote execution possible. The exploit is publicly released and can be used for atta...

10CVSS8.2AI score0.01221EPSS
Exploits0References5
CNNVD
CNNVDadded 2026/04/26 12:0 a.m.3 views

TOTOLINK A8000RU 命令注入漏洞

The TOTOLINK A8000RU is a wireless router produced by TOTOLINK, a Chinese company. The Totolink A8000RU 7.1cu.643b20200521 version has a command injection vulnerability. This vulnerability stems from improper handling of the pptpPassThru parameter in the setVpnPassCfg function of the...

10CVSS7.3AI score0.01221EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2026/04/26 12:0 a.m.4 views

PT-2026-35220

Name of the Vulnerable Software and Affected Versions Totolink A8000RU version 7.1cu.643 b20200521 Description An OS command injection flaw exists in the CGI Handler component. A remote attacker can exploit this by manipulating the pptpPassThru argument within the setVpnPassCfg function of the...

10CVSS7.3AI score0.01221EPSS
Exploits0References12
RedhatCVE
RedhatCVEadded 2026/04/14 1:22 a.m.1 views

CVE-2026-5850

A vulnerability was identified in Totolink A7100RU 7.4cu.2313b20191024. This affects the function setVpnPassCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument pptpPassThru leads to os command injection. Remote exploitation of the attack is possible...

10CVSS5.6AI score0.00371EPSS
Exploits0References1
NVD
NVDadded 2026/04/09 6:16 a.m.0 views

CVE-2026-5850

A vulnerability was identified in Totolink A7100RU 7.4cu.2313b20191024. This affects the function setVpnPassCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument pptpPassThru leads to os command injection. Remote exploitation of the attack is possible...

10CVSS0.00371EPSS
Exploits0References5
Vulnrichment
Vulnrichmentadded 2026/04/09 5:45 a.m.0 views

CVE-2026-5850 Totolink A7100RU CGI cstecgi.cgi setVpnPassCfg os command injection

A vulnerability was identified in Totolink A7100RU 7.4cu.2313b20191024. This affects the function setVpnPassCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument pptpPassThru leads to os command injection. Remote exploitation of the attack is possible...

10CVSS5.5AI score0.00371EPSS
Exploits0References5
CVE
CVEadded 2026/04/09 5:45 a.m.7 views

CVE-2026-5850

A vulnerability (CVE-2026-5850) affects Totolink A7100RU (version 7.4cu.2313_b20191024). The CGI Handler’s function setVpnPassCfg in /cgi-bin/cstecgi.cgi accepts the pptpPassThru argument, and manipulation leads to OS command injection. Remote exploitation is possible, and the exploit is publicly...

10CVSS7AI score0.00371EPSS
Exploits0References5
ATTACKERKB
ATTACKERKBadded 2026/04/09 5:45 a.m.0 views

CVE-2026-5850

A vulnerability was identified in Totolink A7100RU 7.4cu.2313b20191024. This affects the function setVpnPassCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument pptpPassThru leads to os command injection. Remote exploitation of the attack is possible...

10CVSS7AI score0.00371EPSS
Exploits0References5Affected Software1
Cvelist
Cvelistadded 2026/04/09 5:45 a.m.26 views

CVE-2026-5850 Totolink A7100RU CGI cstecgi.cgi setVpnPassCfg os command injection

A vulnerability was identified in Totolink A7100RU 7.4cu.2313b20191024. This affects the function setVpnPassCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument pptpPassThru leads to os command injection. Remote exploitation of the attack is possible...

10CVSS0.00371EPSS
Exploits0References5
CNNVD
CNNVDadded 2026/04/09 12:0 a.m.2 views

TOTOLINK A7100RU 操作系统命令注入漏洞

The TOTOLINK A7100RU is a wireless router produced by TOTOLINK, a Chinese company. The Totolink A7100RU 7.4cu.2313b20191024 version has a vulnerability related to operating system command injection. This vulnerability stems from incorrect operations performed by the setVpnPassCfg function in the...

10CVSS7.3AI score0.00371EPSS
Exploits0References5
CNVD
CNVDadded 2026/04/08 12:0 a.m.0 views

Totolink A3300R Command Injection Vulnerability

The Totolink A3300R is a wireless router from Totolink. A command injection vulnerability exists in Totolink A3300R version 17.0.0cu.557b20221024, which originates from improper handling of the pptpPassThru parameter by the setVpnPassCfg function in the /cgi-bin/cstecgi.cgi file in the component...

8.8CVSS6.8AI score0.00687EPSS
Exploits1
RedhatCVE
RedhatCVEadded 2026/03/31 4:59 a.m.1 views

CVE-2026-5105

A vulnerability was detected in Totolink A3300R 17.0.0cu.557b20221024. The affected element is the function setVpnPassCfg of the file /cgi-bin/cstecgi.cgi of the component Parameter Handler. Performing a manipulation of the argument pptpPassThru results in command injection. It is possible to...

8.8CVSS6.5AI score0.00687EPSS
Exploits1References1
EUVD
EUVDadded 2026/03/30 6:30 a.m.1 views

EUVD-2026-17056

A vulnerability was detected in Totolink A3300R 17.0.0cu.557b20221024. The affected element is the function setVpnPassCfg of the file /cgi-bin/cstecgi.cgi of the component Parameter Handler. Performing a manipulation of the argument pptpPassThru results in command injection. It is possible to...

8.8CVSS5.7AI score0.00687EPSS
Exploits1References6
NVD
NVDadded 2026/03/30 4:16 a.m.0 views

CVE-2026-5105

A vulnerability was detected in Totolink A3300R 17.0.0cu.557b20221024. The affected element is the function setVpnPassCfg of the file /cgi-bin/cstecgi.cgi of the component Parameter Handler. Performing a manipulation of the argument pptpPassThru results in command injection. It is possible to...

8.8CVSS0.00687EPSS
Exploits1References5
Vulnrichment
Vulnrichmentadded 2026/03/30 3:0 a.m.1 views

CVE-2026-5105 Totolink A3300R Parameter cstecgi.cgi setVpnPassCfg command injection

A vulnerability was detected in Totolink A3300R 17.0.0cu.557b20221024. The affected element is the function setVpnPassCfg of the file /cgi-bin/cstecgi.cgi of the component Parameter Handler. Performing a manipulation of the argument pptpPassThru results in command injection. It is possible to...

6.5CVSS5.7AI score0.00687EPSS
Exploits1References5
ATTACKERKB
ATTACKERKBadded 2026/03/30 3:0 a.m.0 views

CVE-2026-5105

A vulnerability was detected in Totolink A3300R 17.0.0cu.557b20221024. The affected element is the function setVpnPassCfg of the file /cgi-bin/cstecgi.cgi of the component Parameter Handler. Performing a manipulation of the argument pptpPassThru results in command injection. It is possible to...

6.5CVSS5.7AI score0.00687EPSS
Exploits1References5Affected Software1
CNNVD
CNNVDadded 2026/03/30 12:0 a.m.2 views

TOTOLINK A3300R 命令注入漏洞

The Totolink A3300R is a wireless router from Totolink. A command injection vulnerability exists in Totolink A3300R version 17.0.0cu.557b20221024, which originates from improper handling of the pptpPassThru parameter by the setVpnPassCfg function in the /cgi-bin/cstecgi.cgi file in the component...

8.8CVSS6.8AI score0.00687EPSS
Exploits1References5
Positive Technologies
Positive Technologiesadded 2026/03/30 12:0 a.m.2 views

PT-2026-28759

A vulnerability was detected in Totolink A3300R 17.0.0cu.557 b20221024. The affected element is the function setVpnPassCfg of the file /cgi-bin/cstecgi.cgi of the component Parameter Handler. Performing a manipulation of the argument pptpPassThru results in command injection. It is possible to...

6.5CVSS5.7AI score0.00687EPSS
Exploits1References6
Rows per page
Query Builder