CVE-2026-6158 Totolink N300RH upgrade.so setUpgradeUboot os command injection

A flaw has been found in Totolink N300RH 6.1c.1353B20190305. Affected is the function setUpgradeUboot of the file upgrade.so. This manipulation of the argument FileName causes os command injection. The attack is possible to be carried out remotely. The exploit has been published and may be used...

CVE-2026-6158

A flaw has been found in Totolink N300RH 6.1c.1353B20190305. Affected is the function setUpgradeUboot of the file upgrade.so. This manipulation of the argument FileName causes os command injection. The attack is possible to be carried out remotely. The exploit has been published and may be used...

CVE-2026-6155 Totolink A7100RU CGI cstecgi.cgi setWanCfg os command injection

A weakness has been identified in Totolink A7100RU 7.4cu.2313. The impacted element is the function setWanCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Executing a manipulation of the argument pppoeServiceName can lead to os command injection. The attack may be launched...

CVE-2026-6155

A weakness has been identified in Totolink A7100RU 7.4cu.2313. The impacted element is the function setWanCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Executing a manipulation of the argument pppoeServiceName can lead to os command injection. The attack may be launched...

CVE-2026-6155

CVE-2026-6155 affects Totolink A7100RU running 7.4cu.2313. The vulnerability is in the CGI handler: function setWanCfg in file /cgi-bin/cstecgi.cgi, where manipulation of the argument pppoeServiceName can lead to an OS command injection . The attack may be launched remotely over the network, with...

CVE-2026-6154

A security flaw has been discovered in Totolink A7100RU 7.4cu.2313b20191024. The affected element is the function setWizardCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Performing a manipulation of the argument wizard results in os command injection. The attack may be initiat...

CVE-2026-6154 Totolink A7100RU CGI cstecgi.cgi setWizardCfg os command injection

A security flaw has been discovered in Totolink A7100RU 7.4cu.2313b20191024. The affected element is the function setWizardCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Performing a manipulation of the argument wizard results in os command injection. The attack may be initiat...

CVE-2026-6141

A vulnerability was determined in danielmiessler PersonalAIInfrastructure up to 2.3.0. Affected is an unknown function of the file Skills/Parser/Tools/parseurl.ts. Executing a manipulation can lead to os command injection. The attack may be launched remotely. The exploit has been publicly disclos...

CVE-2026-6141 danielmiessler Personal_AI_Infrastructure parse_url.ts os command injection

A vulnerability was determined in danielmiessler PersonalAIInfrastructure up to 2.3.0. Affected is an unknown function of the file Skills/Parser/Tools/parseurl.ts. Executing a manipulation can lead to os command injection. The attack may be launched remotely. The exploit has been publicly disclos...

CVE-2026-6141 danielmiessler Personal_AI_Infrastructure parse_url.ts os command injection

A vulnerability was determined in danielmiessler PersonalAIInfrastructure up to 2.3.0. Affected is an unknown function of the file Skills/Parser/Tools/parseurl.ts. Executing a manipulation can lead to os command injection. The attack may be launched remotely. The exploit has been publicly disclos...

CVE-2026-6140

A vulnerability was found in Totolink A7100RU 7.4cu.2313b20191024. This impacts the function UploadFirmwareFile of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Performing a manipulation of the argument FileName results in os command injection. The attack may be initiated remotely...

CVE-2026-6139 Totolink A7100RU CGI cstecgi.cgi UploadOpenVpnCert os command injection

A vulnerability has been found in Totolink A7100RU 7.4cu.2313b20191024. This affects the function UploadOpenVpnCert of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument FileName leads to os command injection. The attack can be launched remotely. The...

EUVD-2026-21764

A vulnerability has been found in Totolink A7100RU 7.4cu.2313b20191024. This affects the function UploadOpenVpnCert of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument FileName leads to os command injection. The attack can be launched remotely. The...

CVE-2026-6139

A vulnerability has been found in Totolink A7100RU 7.4cu.2313b20191024. This affects the function UploadOpenVpnCert of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument FileName leads to os command injection. The attack can be launched remotely. The...

CVE-2026-6138

A flaw has been found in Totolink A7100RU 7.4cu.2313b20191024. The impacted element is the function setAccessDeviceCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. This manipulation of the argument mac causes os command injection. The attack can be initiated remotely. The exploi...

CVE-2026-6138 Totolink A7100RU CGI cstecgi.cgi setAccessDeviceCfg os command injection

A flaw has been found in Totolink A7100RU 7.4cu.2313b20191024. The impacted element is the function setAccessDeviceCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. This manipulation of the argument mac causes os command injection. The attack can be initiated remotely. The exploi...

PT-2026-32489

Name of the Vulnerable Software and Affected Versions Totolink A7100RU version 7.4cu.2313 b20191024 Description A security issue in the CGI Handler component allows for remote OS command injection. The problem exists in the setPasswordCfg function within the '/cgi-bin/cstecgi.cgi' file. An...

PT-2026-32240

Name of the Vulnerable Software and Affected Versions Totolink A7100RU version 7.4cu.2313 Description A weakness exists in the CGI Handler component of Totolink A7100RU version 7.4cu.2313. Manipulation of the pppoeServiceName argument within the setWanCfg function in the /cgi-bin/cstecgi.cgi file...

CVE-2026-6132

A vulnerability was determined in Totolink A7100RU 7.4cu.2313b20191024. Affected by this issue is the function setLedCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. This manipulation of the argument enable causes os command injection. Remote exploitation of the attack is...

CVE-2026-6132 Totolink A7100RU CGI cstecgi.cgi setLedCfg os command injection

A vulnerability was determined in Totolink A7100RU 7.4cu.2313b20191024. Affected by this issue is the function setLedCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. This manipulation of the argument enable causes os command injection. Remote exploitation of the attack is...