14 matches found
CVE-2026-9434
A security vulnerability has been detected in Totolink A8000RU 7.1cu.643b20200521. Impacted is the function setWiFiWpsCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Such manipulation of the argument wscDisabled leads to os command injection. The attack may be...
CVE-2026-9434 Totolink A8000RU Web Management cstecgi.cgi setWiFiWpsCfg os command injection
A security vulnerability has been detected in Totolink A8000RU 7.1cu.643b20200521. Impacted is the function setWiFiWpsCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Such manipulation of the argument wscDisabled leads to os command injection. The attack may be...
CVE-2026-9434
The CVE-2026-9434 issue affects Totolink A8000RU (Web Management Interface) version 7.1cu.643_b20200521, specifically the /cgi-bin/cstecgi.cgi file’s setWiFiWpsCfg function. The root cause is a manipulation of the wscDisabled argument that enables os command injection. This can be exploited remot...
CVE-2026-9434 Totolink A8000RU Web Management cstecgi.cgi setWiFiWpsCfg os command injection
A security vulnerability has been detected in Totolink A8000RU 7.1cu.643b20200521. Impacted is the function setWiFiWpsCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Such manipulation of the argument wscDisabled leads to os command injection. The attack may be...
CVE-2024-42748
In TOTOLINK X5000r v9.1.0cu.2350b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setWiFiWpsCfg. Authenticated Attackers can send malicious packet to execute arbitrary commands...
CVE-2024-42748
In TOTOLINK X5000r v9.1.0cu.2350b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setWiFiWpsCfg. Authenticated Attackers can send malicious packet to execute arbitrary commands...
TOTOLINK X5000R 安全漏洞
The TOTOLINK X5000R is a router from China's Gion Electronics TOTOLINK. A command injection vulnerability exists in TOTOLINK X5000R version v9.1.0cu.2350b20230313. The vulnerability stems from the setWiFiWpsCfg method of /cgi-bin/cstecgi.cgi failing to properly filter constructed command special...
CVE-2022-46634
TOTOlink A7100RU V7.4cu.2313B20191024 was discovered to contain a command injection vulnerability via the wscDisabled parameter in the setting/setWiFiWpsCfg function...
TOTOLINK A7100RU 操作系统命令注入漏洞
The TOTOLINK A7100RU is a wireless router from China's Gion Electronics TOTOLINK. The TOTOLINK A7100RU firmware version V7.4cu.2313B20191024 suffers from an operating system command injection vulnerability that stems from the wscDisabled parameter of its setting/setWiFiWpsCfg function that allows...
CVE-2022-46634
TOTOlink A7100RU V7.4cu.2313B20191024 was discovered to contain a command injection vulnerability via the wscDisabled parameter in the setting/setWiFiWpsCfg function...
TOTOLINK A7100RU Command Injection Vulnerability
The TOTOLINK A7100RU is a wireless router from TOTOLINK China. A security vulnerability exists in the TOTOLINK A7100RU v7.4cu.2313b20191024 firmware version, which originates from a command injection attack on the setWiFiWpsCfg interface. An attacker can exploit this vulnerability to execute...
CVE-2022-28583
It is found that there is a command injection vulnerability in the setWiFiWpsCfg interface in TOTOlink A7100RU v7.4cu.2313b20191024 router, which allows an attacker to execute arbitrary commands through a carefully constructed payload...
CVE-2022-28583
It is found that there is a command injection vulnerability in the setWiFiWpsCfg interface in TOTOlink A7100RU v7.4cu.2313b20191024 router, which allows an attacker to execute arbitrary commands through a carefully constructed payload...
CVE-2022-28583
It is found that there is a command injection vulnerability in the setWiFiWpsCfg interface in TOTOlink A7100RU v7.4cu.2313b20191024 router, which allows an attacker to execute arbitrary commands through a carefully constructed payload...