CVE-2026-6138

A flaw has been found in Totolink A7100RU 7.4cu.2313b20191024. The impacted element is the function setAccessDeviceCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. This manipulation of the argument mac causes os command injection. The attack can be initiated remotely. The exploi...

CVE-2026-9477 Totolink A8000RU Web Management cstecgi.cgi setAccessDeviceCfg os command injection

A security flaw has been discovered in Totolink A8000RU 7.1cu.643b20200521. This issue affects the function setAccessDeviceCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Performing a manipulation of the argument mac results in os command injection. The attack is...

CVE-2026-9477 Totolink A8000RU Web Management cstecgi.cgi setAccessDeviceCfg os command injection

A security flaw has been discovered in Totolink A8000RU 7.1cu.643b20200521. This issue affects the function setAccessDeviceCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Performing a manipulation of the argument mac results in os command injection. The attack is...

CVE-2026-9477

CVE-2026-9477 affects Totolink A8000RU Web Management Interface. The vulnerability lies in the /cgi-bin/cstecgi.cgi setAccessDeviceCfg function where manipulating the mac argument enables OS command injection. It can be exploited remotely with no privileges or user interaction. Public exploit inf...

CVE-2026-9477

A security flaw has been discovered in Totolink A8000RU 7.1cu.643b20200521. This issue affects the function setAccessDeviceCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Performing a manipulation of the argument mac results in os command injection. The attack is...

TOTOLINK A8000RU 操作系统命令注入漏洞

The TOTOLINK A8000RU is a wireless router from China's Gion Electronics TOTOLINK. The Totolink A8000RU version 7.1cu.643b20200521 suffers from an OS command injection vulnerability that originates from the operation of the function setAccessDeviceCfg on the parameter mac in the Web Management...

CVE-2026-6138

A flaw has been found in Totolink A7100RU 7.4cu.2313b20191024. The impacted element is the function setAccessDeviceCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. This manipulation of the argument mac causes os command injection. The attack can be initiated remotely. The exploi...

CVE-2026-6138 Totolink A7100RU CGI cstecgi.cgi setAccessDeviceCfg os command injection

A flaw has been found in Totolink A7100RU 7.4cu.2313b20191024. The impacted element is the function setAccessDeviceCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. This manipulation of the argument mac causes os command injection. The attack can be initiated remotely. The exploi...

CVE-2026-6138

The CVE concerns Totolink A7100RU (firmware 7.4cu.2313_b20191024) where the CGI Handler’s function setAccessDeviceCfg in /cgi-bin/cstecgi.cgi accepts a manipulated mac argument to trigger OS command injection. This allows a remote attacker to exploit the vulnerability over the network (no authent...

CVE-2026-6138 Totolink A7100RU CGI cstecgi.cgi setAccessDeviceCfg os command injection

A flaw has been found in Totolink A7100RU 7.4cu.2313b20191024. The impacted element is the function setAccessDeviceCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. This manipulation of the argument mac causes os command injection. The attack can be initiated remotely. The exploi...

PT-2026-32195

Name of the Vulnerable Software and Affected Versions Totolink A7100RU version 7.4cu.2313 b20191024 Description A flaw exists in the Totolink A7100RU version 7.4cu.2313 b20191024. The issue is due to a vulnerability in the setAccessDeviceCfg function within the CGI Handler component, located in t...

TOTOLINK A7100RU 操作系统命令注入漏洞

The TOTOLINK A7100RU is a wireless router produced by TOTOLINK Corporation. The Totolink A7100RU 7.4cu.2313b20191024 version contains a vulnerability related to operating system command injection. This vulnerability stems from improper handling of the mac parameter in the function...

CVE-2024-42739

In TOTOLINK X5000r v9.1.0cu.2350b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setAccessDeviceCfg. Authenticated Attackers can send malicious packet to execute arbitrary commands...

CVE-2024-42739

CVE-2024-42739 affects TOTOLINK X5000r (firmware v9.1.0cu.2350_b20230313). The vulnerability is an OS command injection in /cgi-bin/cstecgi.cgi within setAccessDeviceCfg. Authenticated attackers can send crafted packets to execute arbitrary commands, with network access and high impact (C/H/I/A =...

CVE-2024-42739

In TOTOLINK X5000r v9.1.0cu.2350b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setAccessDeviceCfg. Authenticated Attackers can send malicious packet to execute arbitrary commands...

CVE-2024-42739

In TOTOLINK X5000r v9.1.0cu.2350b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setAccessDeviceCfg. Authenticated Attackers can send malicious packet to execute arbitrary commands...