CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Cvelist•added 2026/04/12 2:45 a.m.•31 views

CVE-2026-6112 Totolink A7100RU CGI cstecgi.cgi setRadvdCfg os command injection

A weakness has been identified in Totolink A7100RU 7.4cu.2313b20191024. Affected is the function setRadvdCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. This manipulation of the argument maxRtrAdvInterval causes os command injection. The attack can be initiated remotely. The...

10CVSS0.01766EPSS

Vulnrichment•added 2026/04/12 2:45 a.m.•1 views

CVE-2026-6112 Totolink A7100RU CGI cstecgi.cgi setRadvdCfg os command injection

10CVSS5.6AI score0.01766EPSS

NVD•added 2026/04/12 1:16 a.m.•2 views

CVE-2026-6108

A vulnerability was found in 1Panel-dev MaxKB up to 2.6.1. The affected element is the function execute of the file apps/application/flow/stepnode/mcpnode/impl/basemcpnode.py of the component Model Context Protocol Node. Performing a manipulation results in os command injection. The attack is...

6.5CVSS0.0132EPSS

Exploits0References4

EUVD•added 2026/04/12 1:0 a.m.•0 views

EUVD-2026-21690

6.5CVSS5.5AI score0.0132EPSS

Exploits0References4

CVE•added 2026/04/12 1:0 a.m.•10 views

CVE-2026-6108

1Panel-dev MaxKB up to 2.6.1 is affected in the Model Context Protocol Node, specifically the execute function in apps/application/flow/step_node/mcp_node/impl/base_mcp_node.py. The vulnerability allows remote OS command injection via manipulation of the node, with exploitation described as publi...

6.5CVSS6.3AI score0.0132EPSS

Exploits0References4

Positive Technologies•added 2026/04/12 12:0 a.m.•3 views

PT-2026-32148

A flaw has been found in Totolink A7100RU 7.4cu.2313 b20191024. This affects the function setAppCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Executing a manipulation of the argument enable can lead to os command injection. The attack may be launched remotely. The exploit has...

10CVSS5.5AI score0.01823EPSS

Positive Technologies•added 2026/04/12 12:0 a.m.•1 views

PT-2026-32147

Name of the Vulnerable Software and Affected Versions Totolink A7100RU version 7.4cu.2313 b20191024 Description A vulnerability exists in the Totolink A7100RU router, specifically within the CGI Handler component. Manipulation of the proto argument in the setNetworkCfg function of the...

10CVSS7.2AI score0.01803EPSS

Exploits0References11

Positive Technologies•added 2026/04/12 12:0 a.m.•1 views

PT-2026-32145

Name of the Vulnerable Software and Affected Versions Totolink A7100RU version 7.4cu.2313 b20191024 Description A weakness exists in the Totolink A7100RU version 7.4cu.2313 b20191024. The issue is due to a flaw in the setRadvdCfg function within the CGI Handler component, specifically in the file...

10CVSS7.1AI score0.01766EPSS

Exploits0References12

RedhatCVE•added 2026/04/10 7:22 p.m.•2 views

CVE-2026-5972

A vulnerability has been found in FoundationAgents MetaGPT up to 0.8.1. This issue affects the function Terminal.runcommand in the library metagpt/tools/libs/terminal.py. The manipulation leads to os command injection. Remote exploitation of the attack is possible. The exploit has been disclosed ...

9.8CVSS6.4AI score0.02328EPSS

Exploits1References1

EUVD•added 2026/04/10 9:31 a.m.•3 views

EUVD-2026-21319

A weakness has been identified in Totolink A7100RU 7.4cu.2313b20191024. This issue affects the function setUrlFilterRules of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Executing a manipulation of the argument enable can lead to os command injection. The attack can be launched...

10CVSS7AI score0.02499EPSS

EUVD•added 2026/04/10 9:31 a.m.•3 views

EUVD-2026-21324

A vulnerability was detected in Totolink A7100RU 7.4cu.2313b20191024. The affected element is the function setVpnAccountCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument User results in os command injection. The attack may be launched remotely. Th...

NVD•added 2026/04/10 7:16 a.m.•5 views

CVE-2026-6028

A security vulnerability has been detected in Totolink A7100RU 7.4cu.2313b20191024. Impacted is the function setPptpServerCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument enable leads to os command injection. The attack may be initiated remotely...

10CVSS0.02981EPSS

NVD•added 2026/04/10 7:16 a.m.•4 views

CVE-2026-6027

10CVSS0.02499EPSS

EUVD•added 2026/04/10 6:31 a.m.•4 views

EUVD-2026-21314

A vulnerability was identified in Totolink A7100RU 7.4cu.2313b20191024. This affects the function setSyslogCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument enable leads to os command injection. It is possible to launch the attack remotely. The...

10CVSS7AI score0.03EPSS

Cvelist•added 2026/04/10 6:30 a.m.•30 views

CVE-2026-6029 Totolink A7100RU CGI cstecgi.cgi setVpnAccountCfg os command injection

10CVSS0.02981EPSS

CVE•added 2026/04/10 6:30 a.m.•13 views

CVE-2026-6029

Totolink A7100RU (firmware 7.4cu.2313_b20191024) is affected by a vulnerability in the CGI Handler file /cgi-bin/cstecgi.cgi, specifically the setVpnAccountCfg function. Manipulating the User argument leads to an OS command injection. The flaw can be exploited remotely, and public exploits exist ...

ATTACKERKB•added 2026/04/10 6:15 a.m.•3 views

CVE-2026-6028

Exploits0References5Affected Software1

CVE•added 2026/04/10 6:15 a.m.•20 views

CVE-2026-6028

CVE-2026-6028 affects Totolink A7100RU (version 7.4cu.2313_b20191024). The vulnerability lies in the CGI Handler function setPptpServerCfg within /cgi-bin/cstecgi.cgi, where manipulating the argument enable enables an OS command injection . The issue can be triggered remotely and the exploit has ...

10CVSS6.9AI score0.02981EPSS

Vulnrichment•added 2026/04/10 6:15 a.m.•2 views

CVE-2026-6028 Totolink A7100RU CGI cstecgi.cgi setPptpServerCfg os command injection