CVE-2026-6132 Totolink A7100RU CGI cstecgi.cgi setLedCfg os command injection

A vulnerability was determined in Totolink A7100RU 7.4cu.2313b20191024. Affected by this issue is the function setLedCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. This manipulation of the argument enable causes os command injection. Remote exploitation of the attack is...

EUVD-2023-50698

Malicious code in bioql PyPI...

EUVD-2023-51137

Malicious code in bioql PyPI...

CVE-2023-46979

TOTOLINK X6000R V9.4.0cu.852B20230719 was discovered to contain a command injection vulnerability via the enable parameter in the setLedCfg function...

TOTOLINK X5000R setLedCfg Function OS Command Injection Vulnerability

The TOTOLINK X5000R is a router from China's Gion Electronics TOTOLINK. An operating system command injection vulnerability exists in TOTOLINK X5000R version v9.1.0cu.2350b20230313. The vulnerability stems from the setLedCfg function in the file /cgi-bin/cstecgi.cgi that fails to properly filter...

TOTOLINK X6000R setLedCfg Function Code Execution Vulnerability

TOTOLINK X6000R is a wireless router from China Gion Electronics that supports WiFi 6 technology with high concurrent connections and dual-band transmission. A code execution vulnerability exists in TOTOLINK X6000R. The vulnerability stems from the application failing to properly filter special...

CVE-2023-46979

TOTOLINK X6000R V9.4.0cu.852B20230719 was discovered to contain a command injection vulnerability via the enable parameter in the setLedCfg function...

Command injection

TOTOLINK X6000R V9.4.0cu.852B20230719 was discovered to contain a command injection vulnerability via the enable parameter in the setLedCfg function...

CVE-2023-46484

An issue in TOTOlink X6000R V9.4.0cu.852B20230719 allows a remote attacker to execute arbitrary code via the setLedCfg function...

CVE-2023-46484

An issue in TOTOlink X6000R V9.4.0cu.852B20230719 allows a remote attacker to execute arbitrary code via the setLedCfg function...

PT-2023-30280 · Totolink · Totolink X6000R

Name of the Vulnerable Software and Affected Versions: TOTOLINK X6000R version 9.4.0cu.852 B20230719 Description: A command injection issue was found via the enable parameter in the setLedCfg function. This allows for potential command injection attacks. Recommendations: For TOTOLINK X6000R versi...

PT-2023-30047 · Totolink · Totolink X6000R

Name of the Vulnerable Software and Affected Versions: TOTOlink X6000R version 9.4.0cu.852 B20230719 Description: An issue in the software allows a remote attacker to execute arbitrary code via the setLedCfg function. This enables the attacker to potentially gain control over the device. The...

CVE-2023-46979

TOTOLINK X6000R V9.4.0cu.852B20230719 was discovered to contain a command injection vulnerability via the enable parameter in the setLedCfg function...