CVE-2026-9456

A vulnerability was found in Totolink A8000RU 7.1cu.643b20200521. Impacted is the function setOpenVpnCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. The manipulation of the argument enabled results in os command injection. The attack can be executed remotely. The...

CVE-2026-9456

A vulnerability was found in Totolink A8000RU 7.1cu.643b20200521. Impacted is the function setOpenVpnCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. The manipulation of the argument enabled results in os command injection. The attack can be executed remotely. The...

CVE-2026-9456 Totolink A8000RU Web Management cstecgi.cgi setOpenVpnCfg os command injection

A vulnerability was found in Totolink A8000RU 7.1cu.643b20200521. Impacted is the function setOpenVpnCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. The manipulation of the argument enabled results in os command injection. The attack can be executed remotely. The...

EUVD-2026-31674

A vulnerability was found in Totolink A8000RU 7.1cu.643b20200521. Impacted is the function setOpenVpnCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. The manipulation of the argument enabled results in os command injection. The attack can be executed remotely. The...

PT-2026-43044

A vulnerability was found in Totolink A8000RU 7.1cu.643 b20200521. Impacted is the function setOpenVpnCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. The manipulation of the argument enabled results in os command injection. The attack can be executed remotely. The...

CVE-2022-44844

TOTOlink A7100RU V7.4cu.2313B20191024 was discovered to contain a command injection vulnerability via the pass parameter in the setting/setOpenVpnCfg function...

Command injection

TOTOlink A7100RU V7.4cu.2313B20191024 was discovered to contain a command injection vulnerability via the pass parameter in the setting/setOpenVpnCfg function...

CVE-2022-44844

TOTOlink A7100RU V7.4cu.2313B20191024 was discovered to contain a command injection vulnerability via the pass parameter in the setting/setOpenVpnCfg function...

CVE-2022-44844

CVE-2022-44844 describes a command injection in the TOTOLINK A7100RU (version 7.4cu.2313_B20191024) via the pass parameter in the function setting/setOpenVpnCfg . The vulnerability is documented as a remote (network) issue with no required user interaction and no privileges required, causing high...

TOTOLINK A7100RU Command Injection Vulnerability (CNVD-2022-64270)

The TOTOLINK A7100RU is a wireless router from TOTOLINK China. A security vulnerability exists in the TOTOLINK A7100RU v7.4cu.2313b20191024 firmware version, which originates from a command injection attack on the setOpenVpnCfg interface. An attacker can exploit this vulnerability to execute...

CVE-2022-28578

It is found that there is a command injection vulnerability in the setOpenVpnCfg interface in TOTOlink A7100RU v7.4cu.2313b20191024 router, which allows an attacker to execute arbitrary commands through a carefully constructed payload...

CVE-2022-28578

It is found that there is a command injection vulnerability in the setOpenVpnCfg interface in TOTOlink A7100RU v7.4cu.2313b20191024 router, which allows an attacker to execute arbitrary commands through a carefully constructed payload...

PT-2022-19085 · Totolink · Totolink A7100Ru

Name of the Vulnerable Software and Affected Versions: TOTOlink A7100RU version 7.4cu.2313 b20191024 Description: A command injection issue is found in the setOpenVpnCfg interface of the TOTOlink A7100RU router, allowing an attacker to execute arbitrary commands through a carefully constructed...