CVE-2026-7137 Totolink A8000RU CGI cstecgi.cgi setStorageCfg os command injection
A security vulnerability has been detected in Totolink A8000RU 7.1cu.643b20200521. This affects the function setStorageCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument sambaEnabled leads to os command injection. Remote exploitation of the attack ...