CVE-2026-9384

A vulnerability was found in Totolink A8000RU 7.1cu.643b20200521. This vulnerability affects the function setDiagnosisCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. The manipulation of the argument ip results in os command injection. The attack can be executed...

CVE-2026-9384

A vulnerability was found in Totolink A8000RU 7.1cu.643b20200521. This vulnerability affects the function setDiagnosisCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. The manipulation of the argument ip results in os command injection. The attack can be executed...

CVE-2026-9384 Totolink A8000RU Web Management cstecgi.cgi setDiagnosisCfg os command injection

A vulnerability was found in Totolink A8000RU 7.1cu.643b20200521. This vulnerability affects the function setDiagnosisCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. The manipulation of the argument ip results in os command injection. The attack can be executed...

CVE-2026-9384

A vulnerability was found in Totolink A8000RU 7.1cu.643b20200521. This vulnerability affects the function setDiagnosisCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. The manipulation of the argument ip results in os command injection. The attack can be executed...

EUVD-2026-31594

A vulnerability was found in Totolink A8000RU 7.1cu.643b20200521. This vulnerability affects the function setDiagnosisCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. The manipulation of the argument ip results in os command injection. The attack can be executed...

CVE-2026-9384 Totolink A8000RU Web Management cstecgi.cgi setDiagnosisCfg os command injection

A vulnerability was found in Totolink A8000RU 7.1cu.643b20200521. This vulnerability affects the function setDiagnosisCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. The manipulation of the argument ip results in os command injection. The attack can be executed...

TOTOLINK A8000RU 操作系统命令注入漏洞

TOTOLINK A8000RU is a wireless router produced by TOTOLINK, a Chinese company. The TOTOLINK A8000RU 7.1cu.643b20200521 version contains a vulnerability related to operating system command injection. This vulnerability stems from improper handling of the parameter “ip” in the function...

CVE-2026-6116

A vulnerability has been found in Totolink A7100RU 7.4cu.2313b20191024. This vulnerability affects the function setDiagnosisCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument ip leads to os command injection. Remote exploitation of the attack is...

CVE-2026-6116

CVE-2026-6116 affects Totolink A7100RU (firmware 7.4cu.2313_b20191024). The vulnerability is in the CGI Handler’s function setDiagnosisCfg in the file /cgi-bin/cstecgi.cgi where manipulating the argument ip leads to an OS command injection. It allows remote exploitation and the exploit has been d...

CVE-2026-6116 Totolink A7100RU CGI cstecgi.cgi setDiagnosisCfg os command injection

A vulnerability has been found in Totolink A7100RU 7.4cu.2313b20191024. This vulnerability affects the function setDiagnosisCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument ip leads to os command injection. Remote exploitation of the attack is...

CVE-2026-6116 Totolink A7100RU CGI cstecgi.cgi setDiagnosisCfg os command injection

A vulnerability has been found in Totolink A7100RU 7.4cu.2313b20191024. This vulnerability affects the function setDiagnosisCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument ip leads to os command injection. Remote exploitation of the attack is...

TOTOLINK A7100RU 操作系统命令注入漏洞

The TOTOLINK A7100RU is a wireless router produced by TOTOLINK, a Chinese company. The Totolink A7100RU 7.4cu.2313b20191024 version has a vulnerability related to operating system command injection. This vulnerability stems from the improper handling of the parameter “ip” in the setDiagnosisCfg...

CVE-2025-70327

TOTOLINK X5000R v9.1.0cu2415B20250515 contains an argument injection vulnerability in the setDiagnosisCfg handler of the /usr/sbin/lighttpd executable. The ip parameter is retrieved via websGetVar and passed to a ping command through CsteSystem without validating if the input starts with a hyphen...

CVE-2025-70327

TOTOLINK X5000R v9.1.0cu2415B20250515 contains an argument injection vulnerability in the setDiagnosisCfg handler of the /usr/sbin/lighttpd executable. The ip parameter is retrieved via websGetVar and passed to a ping command through CsteSystem without validating if the input starts with a hyphen...

TOTOLINK X5000R 安全漏洞

The TOTOLINK X5000R is a router produced by TOTOLINK, a Chinese electronics company. The TOTOLINK X5000R v9.1.0cu2415B20250515 version contains a security vulnerability. This vulnerability stems from insufficient validation of IP parameters in the setDiagnosisCfg processing program. It may allow...

PT-2026-21551

Name of the Vulnerable Software and Affected Versions TOTOLINK X5000R version 9.1.0cu 2415 B20250515 Description The software contains an argument injection flaw in the setDiagnosisCfg handler of the /usr/sbin/lighttpd executable. The ip parameter, obtained using websGetVar, is passed to a ping...

CVE-2025-70327

TOTOLINK X5000R v9.1.0cu2415B20250515 contains an argument injection vulnerability in the setDiagnosisCfg handler of the /usr/sbin/lighttpd executable. The ip parameter is retrieved via websGetVar and passed to a ping command through CsteSystem without validating if the input starts with a hyphen...

CVE-2026-1149

A vulnerability was identified in Totolink LR350 9.3.5u.6369B20220309. This issue affects the function setDiagnosisCfg of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument ip leads to command injection. The attack can be initiated remotely. The...

CVE-2026-1149

A vulnerability was identified in Totolink LR350 9.3.5u.6369B20220309. This issue affects the function setDiagnosisCfg of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument ip leads to command injection. The attack can be initiated remotely. The...

CVE-2026-1149

A vulnerability was identified in Totolink LR350 9.3.5u.6369B20220309. This issue affects the function setDiagnosisCfg of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument ip leads to command injection. The attack can be initiated remotely. The...