CVE-2026-6114
Totolink A7100RU (firmware 7.4cu.2313_b20191024) is affected via the CGI Handler function setNetworkCfg in /cgi-bin/cstecgi.cgi. Manipulating the proto argument yields an OS command injection, with remote feasibility. Public exploit exists (exploit code maturity: PROOF-OF-CONCEPT; CVSSv3.1 base 9...