CVE-2026-5975

A vulnerability was identified in Totolink A7100RU 7.4cu.2313b20191024. The impacted element is the function setDmzCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument wanIdx leads to os command injection. The attack may be performed from remote. Th...

CVE-2026-7136

CVE-2026-7136 affects Totolink A8000RU, version 7.1cu.643_b20200521. Vulnerable component: CGI Handler, file /cgi-bin/cstecgi.cgi, function setDmzCfg. Manipulating the wanIdx argument can cause an OS command injection. Exploit can be launched remotely and public exploits exist. Documents consiste...

CVE-2026-7136 Totolink A8000RU CGI cstecgi.cgi setDmzCfg os command injection

A weakness has been identified in Totolink A8000RU 7.1cu.643b20200521. Affected by this issue is the function setDmzCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Executing a manipulation of the argument wanIdx can lead to os command injection. The attack may be launched...

PT-2026-35450

A weakness has been identified in Totolink A8000RU 7.1cu.643 b20200521. Affected by this issue is the function setDmzCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Executing a manipulation of the argument wanIdx can lead to os command injection. The attack may be launched...

CVE-2026-5975

A vulnerability was identified in Totolink A7100RU 7.4cu.2313b20191024. The impacted element is the function setDmzCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument wanIdx leads to os command injection. The attack may be performed from remote. Th...

CVE-2026-5975

A vulnerability was identified in Totolink A7100RU 7.4cu.2313b20191024. The impacted element is the function setDmzCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument wanIdx leads to os command injection. The attack may be performed from remote. Th...

CVE-2026-5975 Totolink A7100RU CGI cstecgi.cgi setDmzCfg os command injection

A vulnerability was identified in Totolink A7100RU 7.4cu.2313b20191024. The impacted element is the function setDmzCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument wanIdx leads to os command injection. The attack may be performed from remote. Th...

CVE-2026-5975 Totolink A7100RU CGI cstecgi.cgi setDmzCfg os command injection

A vulnerability was identified in Totolink A7100RU 7.4cu.2313b20191024. The impacted element is the function setDmzCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument wanIdx leads to os command injection. The attack may be performed from remote. Th...

CVE-2026-5975

Totolink A7100RU affected by CVE-2026-5975: the CGI Handler’s setDmzCfg function in /cgi-bin/cstecgi.cgi is vulnerable when processing wanIdx, enabling OS command injection. This is a remote vulnerability with publicly available exploit information, indicating potential remote code execution on a...

TOTOLINK A3300R cstecgi.cgi File Buffer Overflow Vulnerability

TOTOLINK A3300R is a dual-band wireless router manufactured by China's Gion Electronics TOTOLINK, mainly used for home and small network environments. The TOTOLINK A3300R suffers from a buffer overflow vulnerability that originates from the parameter ip of the function setDmzCfg in the file...

CVE-2025-12240

A security vulnerability has been detected in TOTOLINK A3300R 17.0.0cu.557B20221024. This affects the function setDmzCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument ip leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed...

CVE-2025-12240 TOTOLINK A3300R cstecgi.cgi setDmzCfg buffer overflow

A security vulnerability has been detected in TOTOLINK A3300R 17.0.0cu.557B20221024. This affects the function setDmzCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument ip leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed...

CVE-2025-12240

CVE-2025-12240 is associated with TOTOLINK A3300R 17.0.0cu.557_B20221024. The vulnerability affects the function setDmzCfg in the file /cgi-bin/cstecgi.cgi, where manipulation of the ip argument leads to a buffer overflow. This can be exploited remotely; multiple sources describe a publicly discl...

EUVD-2025-36097

A security vulnerability has been detected in TOTOLINK A3300R 17.0.0cu.557B20221024. This affects the function setDmzCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument ip leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed...

PT-2025-43896

Name of the Vulnerable Software and Affected Versions TOTOLINK A3300R version 17.0.0cu.557 B20221024 Description A security issue exists in TOTOLINK A3300R 17.0.0cu.557 B20221024. The setDmzCfg function within the /cgi-bin/cstecgi.cgi file is susceptible to a buffer overflow when the ip argument ...

EUVD-2024-20585

Malicious code in bioql PyPI...

CVE-2024-23060

TOTOLINK A3300R V17.0.0cu.557B20221024 was discovered to contain a command injection vulnerability via the ip parameter in the setDmzCfg function...

CVE-2023-51015

TOTOLINX EX1800T v9.1.0cu.2112B20220316 is vulnerable to arbitrary command execution in the ‘enable parameter’ of the setDmzCfg interface of the cstecgi .cgi...

CVE-2025-2095

A vulnerability classified as critical has been found in TOTOLINK EX1800T 9.1.0cu.2112B20220316. This affects the function setDmzCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument ip leads to os command injection. It is possible to initiate the attack remotely. The exploit has...

TOTOLINK EX1800T 安全漏洞

TOTOLINK EX1800T is a wireless repeater from China's Gion Electronics TOTOLINK. The TOTOLINK EX1800T suffers from an OS command injection vulnerability that originates from the setDmzCfg contained in /cgi-bin/cstecgi.cgi, and no details of the vulnerability are provided at this time...