19611 matches found
CVE-2026-6158
The CVE-2026-6158 entry concerns Totolink N300RH (firmware 6.1c.1353_B20190305). The vulnerability lies in the upgrade subsystem: the function setUpgradeUboot in upgrade.so accepts a FileName argument and can be manipulated to trigger an OS command injection. This flaw enables remote execution an...
CVE-2026-6155 Totolink A7100RU CGI cstecgi.cgi setWanCfg os command injection
A weakness has been identified in Totolink A7100RU 7.4cu.2313. The impacted element is the function setWanCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Executing a manipulation of the argument pppoeServiceName can lead to os command injection. The attack may be launched...
CVE-2026-6155
A weakness has been identified in Totolink A7100RU 7.4cu.2313. The impacted element is the function setWanCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Executing a manipulation of the argument pppoeServiceName can lead to os command injection. The attack may be launched...
CVE-2026-6155
CVE-2026-6155 affects Totolink A7100RU running 7.4cu.2313. The vulnerability is in the CGI handler: function setWanCfg in file /cgi-bin/cstecgi.cgi, where manipulation of the argument pppoeServiceName can lead to an OS command injection . The attack may be launched remotely over the network, with...
CVE-2026-6154
A security flaw has been discovered in Totolink A7100RU 7.4cu.2313b20191024. The affected element is the function setWizardCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Performing a manipulation of the argument wizard results in os command injection. The attack may be initiat...
CVE-2026-6154 Totolink A7100RU CGI cstecgi.cgi setWizardCfg os command injection
A security flaw has been discovered in Totolink A7100RU 7.4cu.2313b20191024. The affected element is the function setWizardCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Performing a manipulation of the argument wizard results in os command injection. The attack may be initiat...
CVE-2026-6141
A vulnerability was determined in danielmiessler PersonalAIInfrastructure up to 2.3.0. Affected is an unknown function of the file Skills/Parser/Tools/parseurl.ts. Executing a manipulation can lead to os command injection. The attack may be launched remotely. The exploit has been publicly disclos...
CVE-2026-6141 danielmiessler Personal_AI_Infrastructure parse_url.ts os command injection
A vulnerability was determined in danielmiessler PersonalAIInfrastructure up to 2.3.0. Affected is an unknown function of the file Skills/Parser/Tools/parseurl.ts. Executing a manipulation can lead to os command injection. The attack may be launched remotely. The exploit has been publicly disclos...
CVE-2026-6141 danielmiessler Personal_AI_Infrastructure parse_url.ts os command injection
A vulnerability was determined in danielmiessler PersonalAIInfrastructure up to 2.3.0. Affected is an unknown function of the file Skills/Parser/Tools/parseurl.ts. Executing a manipulation can lead to os command injection. The attack may be launched remotely. The exploit has been publicly disclos...
CVE-2026-6140
A vulnerability was found in Totolink A7100RU 7.4cu.2313b20191024. This impacts the function UploadFirmwareFile of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Performing a manipulation of the argument FileName results in os command injection. The attack may be initiated remotely...
CVE-2026-6139
A vulnerability has been found in Totolink A7100RU 7.4cu.2313b20191024. This affects the function UploadOpenVpnCert of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument FileName leads to os command injection. The attack can be launched remotely. The...
CVE-2026-6139 Totolink A7100RU CGI cstecgi.cgi UploadOpenVpnCert os command injection
A vulnerability has been found in Totolink A7100RU 7.4cu.2313b20191024. This affects the function UploadOpenVpnCert of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument FileName leads to os command injection. The attack can be launched remotely. The...
EUVD-2026-21764
A vulnerability has been found in Totolink A7100RU 7.4cu.2313b20191024. This affects the function UploadOpenVpnCert of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument FileName leads to os command injection. The attack can be launched remotely. The...
CVE-2026-6138
A flaw has been found in Totolink A7100RU 7.4cu.2313b20191024. The impacted element is the function setAccessDeviceCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. This manipulation of the argument mac causes os command injection. The attack can be initiated remotely. The exploi...
CVE-2026-6138 Totolink A7100RU CGI cstecgi.cgi setAccessDeviceCfg os command injection
A flaw has been found in Totolink A7100RU 7.4cu.2313b20191024. The impacted element is the function setAccessDeviceCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. This manipulation of the argument mac causes os command injection. The attack can be initiated remotely. The exploi...
CVE-2026-31281
Totara LMS v19.1.5 and before is vulnerable to HTML Injection. An attacker can inject malicious HTML code in a message and send it to all the users in the application, resulting in executing the code and may lead to session hijacking and executing commands on the victim's browser. NOTE: The...
PT-2026-32240
Name of the Vulnerable Software and Affected Versions Totolink A7100RU version 7.4cu.2313 Description A weakness exists in the CGI Handler component of Totolink A7100RU version 7.4cu.2313. Manipulation of the pppoeServiceName argument within the setWanCfg function in the /cgi-bin/cstecgi.cgi file...
PT-2026-32489
Name of the Vulnerable Software and Affected Versions Totolink A7100RU version 7.4cu.2313 b20191024 Description A security issue in the CGI Handler component allows for remote OS command injection. The problem exists in the setPasswordCfg function within the '/cgi-bin/cstecgi.cgi' file. An...
CVE-2026-6132
A vulnerability was determined in Totolink A7100RU 7.4cu.2313b20191024. Affected by this issue is the function setLedCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. This manipulation of the argument enable causes os command injection. Remote exploitation of the attack is...
CVE-2026-6132 Totolink A7100RU CGI cstecgi.cgi setLedCfg os command injection
A vulnerability was determined in Totolink A7100RU 7.4cu.2313b20191024. Affected by this issue is the function setLedCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. This manipulation of the argument enable causes os command injection. Remote exploitation of the attack is...