EUVD-2026-26795

A vulnerability was identified in Totolink N300RH 6.1c.1353B20190305. This impacts the function setUploadSetting of the file /cgi-bin/cstecgi.cgi. Such manipulation of the argument FileName leads to file inclusion. The attack may be performed from remote. The exploit is publicly available and mig...

CVE-2026-7633 Totolink N300RH cstecgi.cgi setUploadSetting file inclusion

A vulnerability was identified in Totolink N300RH 6.1c.1353B20190305. This impacts the function setUploadSetting of the file /cgi-bin/cstecgi.cgi. Such manipulation of the argument FileName leads to file inclusion. The attack may be performed from remote. The exploit is publicly available and mig...

CVE-2026-7633

Totolink N300RH 6.1c.1353_B20190305 is affected by CVE-2026-7633 in the setUploadSetting function of /cgi-bin/cstecgi.cgi. Manipulating the FileName argument leads to file inclusion and may be exploitable remotely. Public exploit is reported; patch/version details are not provided in the sources.

CVE-2026-7633 Totolink N300RH cstecgi.cgi setUploadSetting file inclusion

A vulnerability was identified in Totolink N300RH 6.1c.1353B20190305. This impacts the function setUploadSetting of the file /cgi-bin/cstecgi.cgi. Such manipulation of the argument FileName leads to file inclusion. The attack may be performed from remote. The exploit is publicly available and mig...

TOTOLINK N300RH 安全漏洞

TOTOLINK N300RH is a long-range wireless router produced by TOTOLINK Corporation. Version 6.1c.1353B20190305 of TOTOLINK N300RH contains a security vulnerability. This vulnerability stems from the operation of the setUploadSetting function in the /cgi-bin/cstecgi.cgi file, which may lead to file...

PT-2026-36623

A vulnerability was identified in Totolink N300RH 6.1c.1353 B20190305. This impacts the function setUploadSetting of the file /cgi-bin/cstecgi.cgi. Such manipulation of the argument FileName leads to file inclusion. The attack may be performed from remote. The exploit is publicly available and...

EUVD-2023-41069

Malicious code in bioql PyPI...

CVE-2023-37149

TOTOLINK LR350 V9.3.5u.6369B20220309 was discovered to contain a command injection vulnerability via the FileName parameter in the setUploadSetting function...

CVE-2024-7183

A vulnerability, which was classified as critical, was found in TOTOLINK A3600R 4.1.2cu.5182B20201102. Affected is the function setUploadSetting of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument FileName leads to buffer overflow. It is possible to launch the attack remotely. The...

PT-2024-38145 · Totolink · Totolink A3600R

Name of the Vulnerable Software and Affected Versions: TOTOLINK A3600R version 4.1.2cu.5182 B20201102 Description: A critical issue was found in the setUploadSetting function of the /cgi-bin/cstecgi.cgi file. The manipulation of the FileName argument leads to a buffer overflow. This issue can be...

TOTOLINK A3600R 安全漏洞

TOTOLINK A3600R is a 6-antenna 1200M wireless router from China's Gion Electronics TOTOLINK. The TOTOLINK A3600R suffers from a buffer overflow vulnerability that originates from improper handling of the FileName parameter in the setUploadSetting function of the /cgi-bin/cstecgi.cgi file. An...

TOTOLINK LR1200GB setUploadSetting Function OS Command Injection Vulnerability

The TOTOLINK LR1200GB is a wireless dual-band 4GLTE router from China's Gion Electronics TOTOLINK that supports 2.4GHz and 5GHz dual-band networks, and is primarily used to provide mobile broadband connectivity and Wi-Fi coverage. The TOTOLINK LR1200GB suffers from an operating system command...

CVE-2024-0293

A vulnerability classified as critical was found in Totolink LR1200GB 9.1.0u.6619B20230130. Affected by this vulnerability is the function setUploadSetting of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument FileName leads to os command injection. The attack can be launched remotel...

CVE-2024-0293 Totolink LR1200GB cstecgi.cgi setUploadSetting os command injection

A vulnerability classified as critical was found in Totolink LR1200GB 9.1.0u.6619B20230130. Affected by this vulnerability is the function setUploadSetting of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument FileName leads to os command injection. The attack can be launched remotel...

TOTOLINK LR1200GB 操作系统命令注入漏洞

The TOTOLINK LR1200GB is a wireless dual-band 4GLTE router from China's Gion Electronics TOTOLINK that supports 2.4GHz and 5GHz dual-band networks, and is primarily used to provide mobile broadband connectivity and Wi-Fi coverage. The TOTOLINK LR1200GB suffers from an operating system command...

PT-2024-1058 · Totolink · Totolink Lr1200Gb

Name of the Vulnerable Software and Affected Versions: Totolink LR1200GB version 9.1.0u.6619 B20230130 Description: A critical vulnerability was found in the Totolink LR1200GB router's software. The issue affects the setUploadSetting function of the /cgi-bin/cstecgi.cgi file. The manipulation of...

CVE-2023-37149

TOTOLINK LR350 V9.3.5u.6369B20220309 was discovered to contain a command injection vulnerability via the FileName parameter in the setUploadSetting function...

CVE-2023-37149

TOTOLINK LR350 V9.3.5u.6369B20220309 was discovered to contain a command injection vulnerability via the FileName parameter in the setUploadSetting function...

CVE-2023-37149

TOTOLINK LR350 V9.3.5u.6369B20220309 was discovered to contain a command injection vulnerability via the FileName parameter in the setUploadSetting function...

Command injection

TOTOLINK LR350 V9.3.5u.6369B20220309 was discovered to contain a command injection vulnerability via the FileName parameter in the setUploadSetting function...