
35 matches found

Vulnrichment
added 2026/04/27 3:30 p.m., 0 views

CVE-2026-7136 Totolink A8000RU CGI cstecgi.cgi setDmzCfg os command injection

A weakness has been identified in Totolink A8000RU 7.1cu.643b20200521. Affected by this issue is the function setDmzCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Executing a manipulation of the argument wanIdx can lead to os command injection. The attack may be launched...

CVSS 10, AI score 8.2, EPSS 0.01221
Exploits 0, References 5

CVE
added 2026/04/27 3:30 p.m., 1 view

CVE-2026-7136

CVE-2026-7136 affects Totolink A8000RU, version 7.1cu.643_b20200521. Vulnerable component: CGI Handler, file /cgi-bin/cstecgi.cgi, function setDmzCfg. Manipulating the wanIdx argument can cause an OS command injection. Exploit can be launched remotely and public exploits exist. Documents consiste...

CVSS 10, AI score 8.2, EPSS 0.01221
Exploits 0, References 5

Positive Technologies
added 2026/04/27 12:00 a.m., 1 view

PT-2026-35450

A weakness has been identified in Totolink A8000RU 7.1cu.643 b20200521. Affected by this issue is the function setDmzCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Executing a manipulation of the argument wanIdx can lead to os command injection. The attack may be launched...

CVSS 10, AI score 5.2, EPSS 0.01221
Exploits 0, References 6

NVD
added 2026/04/09 8:16 p.m., 0 views

CVE-2026-5975

A vulnerability was identified in Totolink A7100RU 7.4cu.2313b20191024. The impacted element is the function setDmzCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument wanIdx leads to os command injection. The attack may be performed from remote. Th...

CVSS 10, EPSS 0.01221
Exploits 0, References 5

Vulnrichment
added 2026/04/09 7:45 p.m., 1 view

CVE-2026-5975 Totolink A7100RU CGI cstecgi.cgi setDmzCfg os command injection

A vulnerability was identified in Totolink A7100RU 7.4cu.2313b20191024. The impacted element is the function setDmzCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument wanIdx leads to os command injection. The attack may be performed from remote. Th...

CVSS 10, AI score 7, EPSS 0.01221
Exploits 0, References 5

CVE
added 2026/04/09 7:45 p.m., 3 views

CVE-2026-5975

Totolink A7100RU affected by CVE-2026-5975: the CGI Handler’s setDmzCfg function in /cgi-bin/cstecgi.cgi is vulnerable when processing wanIdx, enabling OS command injection. This is a remote vulnerability with publicly available exploit information, indicating potential remote code execution on a...

CVSS 10, AI score 7, EPSS 0.01221
Exploits 0, References 5

Cvelist
added 2026/04/09 7:45 p.m., 15 views

CVE-2026-5975 Totolink A7100RU CGI cstecgi.cgi setDmzCfg os command injection

A vulnerability was identified in Totolink A7100RU 7.4cu.2313b20191024. The impacted element is the function setDmzCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument wanIdx leads to os command injection. The attack may be performed from remote. Th...

CVSS 10, EPSS 0.01221
Exploits 0, References 5

ATTACKERKB
added 2026/04/09 7:45 p.m., 3 views

CVE-2026-5975

A vulnerability was identified in Totolink A7100RU 7.4cu.2313b20191024. The impacted element is the function setDmzCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument wanIdx leads to os command injection. The attack may be performed from remote. Th...

CVSS 10, AI score 7, EPSS 0.01221
Exploits 0, References 5, Affected Software 1

CNVD
added 2025/10/31 12:00 a.m., 2 views

TOTOLINK A3300R cstecgi.cgi File Buffer Overflow Vulnerability

TOTOLINK A3300R is a dual-band wireless router manufactured by China's Gion Electronics TOTOLINK, mainly used for home and small network environments. The TOTOLINK A3300R suffers from a buffer overflow vulnerability that originates from the parameter ip of the function setDmzCfg in the file...

CVSS 9.8, AI score 9.1, EPSS 0.0043
Exploits 1, References 1

RedhatCVE
added 2025/10/28 6:59 a.m., 4 views

CVE-2025-12240

A security vulnerability has been detected in TOTOLINK A3300R 17.0.0cu.557B20221024. This affects the function setDmzCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument ip leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed...

CVSS 9.8, AI score 6.8, EPSS 0.0043
Exploits 1, References 1

EUVD
added 2025/10/27 6:32 a.m., 1 view

EUVD-2025-36097

A security vulnerability has been detected in TOTOLINK A3300R 17.0.0cu.557B20221024. This affects the function setDmzCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument ip leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed...

CVSS 9.8, AI score 8.8, EPSS 0.0043
Exploits 1, References 6

Cvelist
added 2025/10/27 6:32 a.m., 4 views

CVE-2025-12240 TOTOLINK A3300R cstecgi.cgi setDmzCfg buffer overflow

A security vulnerability has been detected in TOTOLINK A3300R 17.0.0cu.557B20221024. This affects the function setDmzCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument ip leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed...

CVSS 9, EPSS 0.0043
Exploits 1, References 5

CVE
added 2025/10/27 6:32 a.m., 9 views

CVE-2025-12240

CVE-2025-12240 is associated with TOTOLINK A3300R 17.0.0cu.557_B20221024. The vulnerability affects the function setDmzCfg in the file /cgi-bin/cstecgi.cgi, where manipulation of the ip argument leads to a buffer overflow. This can be exploited remotely; multiple sources describe a publicly discl...

CVSS 9.8, AI score 8.8, EPSS 0.0043
Exploits 1, References 5, Affected Software 1

Positive Technologies
added 2025/10/27 12:00 a.m., 2 views

PT-2025-43896

Name of the Vulnerable Software and Affected Versions: TOTOLINK A3300R version 17.0.0cu.557 B20221024. Description: A security issue exists in TOTOLINK A3300R 17.0.0cu.557 B20221024. The setDmzCfg function within the /cgi-bin/cstecgi.cgi file is susceptible to a buffer overflow when the ip argument ...

CVSS 9.8, AI score 6.7, EPSS 0.0043
Exploits 1, References 9

EUVD
added 2025/10/03 8:07 p.m., 2 views

EUVD-2024-20585

Malicious code in bioql PyPI...

CVSS 9.8, AI score 9.4, EPSS 0.02681
Exploits 1, References 1

RedhatCVE
added 2025/05/23 9:43 a.m., 5 views

CVE-2024-23060

TOTOLINK A3300R V17.0.0cu.557B20221024 was discovered to contain a command injection vulnerability via the ip parameter in the setDmzCfg function...

CVSS 9.8, AI score 8, EPSS 0.02681
Exploits 1, References 1

RedhatCVE
added 2025/05/23 5:00 a.m., 8 views

CVE-2023-51015

TOTOLINK EX1800T v9.1.0cu.2112B20220316 is vulnerable to arbitrary command execution in the ‘enable parameter’ of the setDmzCfg interface of the cstecgi.cgi...

CVSS 9.8, AI score 7.2, EPSS 0.0031
Exploits 1

OSV
added 2025/03/07 10:15 p.m., 0 views

CVE-2025-2095

A vulnerability classified as critical has been found in TOTOLINK EX1800T 9.1.0cu.2112B20220316. This affects the function setDmzCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument ip leads to os command injection. It is possible to initiate the attack remotely. The exploit has...

CVSS 9.8, AI score 5.6, EPSS 0.02949
Exploits 1, References 5

CNNVD
added 2025/03/07 12:00 a.m., 1 view

TOTOLINK EX1800T Security Vulnerability

TOTOLINK EX1800T is a wireless repeater from China's Gion Electronics TOTOLINK. The TOTOLINK EX1800T suffers from an OS command injection vulnerability that originates from the setDmzCfg contained in /cgi-bin/cstecgi.cgi, and no details of the vulnerability are provided at this time...

CVSS 9.8, AI score 7.5, EPSS 0.02949
Exploits 1, References 7

NVD
added 2024/08/13 2:15 p.m., 17 views

CVE-2024-42738

In TOTOLINK X5000r v9.1.0cu.2350b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setDmzCfg. Authenticated attackers can send a malicious packet to execute arbitrary commands...

CVSS 8.8, EPSS 0.05425
Exploits 1, References 1