24 matches found
CVE-2026-9436
A flaw has been found in Totolink A8000RU 7.1cu.643b20200521. The impacted element is the function setL2tpServerCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Executing a manipulation of the argument enable can lead to os command injection. The attack can be...
CVE-2026-9436
A flaw has been found in Totolink A8000RU 7.1cu.643b20200521. The impacted element is the function setL2tpServerCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Executing a manipulation of the argument enable can lead to os command injection. The attack can be...
CVE-2026-9436 Totolink A8000RU Web Management cstecgi.cgi setL2tpServerCfg os command injection
A flaw has been found in Totolink A8000RU 7.1cu.643b20200521. The impacted element is the function setL2tpServerCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Executing a manipulation of the argument enable can lead to os command injection. The attack can be...
EUVD-2026-31644
A flaw has been found in Totolink A8000RU 7.1cu.643b20200521. The impacted element is the function setL2tpServerCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Executing a manipulation of the argument enable can lead to os command injection. The attack can be...
CVE-2026-9436 Totolink A8000RU Web Management cstecgi.cgi setL2tpServerCfg os command injection
A flaw has been found in Totolink A8000RU 7.1cu.643b20200521. The impacted element is the function setL2tpServerCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Executing a manipulation of the argument enable can lead to os command injection. The attack can be...
CVE-2026-9436
Totolink A8000RU Web Management (cgi-bin/cstecgi.cgi, function setL2tpServerCfg) is affected by an os command injection when manipulating the enable argument. The flaw is exploitable remotely and has an exploit published. Impact concerns high confidentiality, integrity, and availability per CVSS,...
PT-2026-43015
A flaw has been found in Totolink A8000RU 7.1cu.643 b20200521. The impacted element is the function setL2tpServerCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Executing a manipulation of the argument enable can lead to os command injection. The attack can be...
TOTOLINK A8000RU 操作系统命令注入漏洞
The TOTOLINK A8000RU is a wireless router from China's Gion Electronics TOTOLINK. The Totolink A8000RU version 7.1cu.643b20200521 suffers from an OS command injection vulnerability that originates from the operation of the function setL2tpServerCfg on the parameter enable in the Web Management...
TOTOLINK A3700R Access Control Error Vulnerability
The TOTOLINK A3700R is a wireless router that provides wireless network connectivity. TOTOLINK A3700R suffers from an access control error vulnerability that originates from improper access control of the setL2tpServerCfg function in the /cgi-bin/cstecgi.cgi file, for which no detailed...
CVE-2025-3675
A vulnerability was found in TOTOLINK A3700R 9.1.2u.5822B20200513. It has been rated as critical. Affected by this issue is the function setL2tpServerCfg of the file /cgi-bin/cstecgi.cgi. The manipulation leads to improper access controls. The attack may be launched remotely. The exploit has been...
CVE-2025-3675 TOTOLINK A3700R cstecgi.cgi setL2tpServerCfg access control
A vulnerability was found in TOTOLINK A3700R 9.1.2u.5822B20200513. It has been rated as critical. Affected by this issue is the function setL2tpServerCfg of the file /cgi-bin/cstecgi.cgi. The manipulation leads to improper access controls. The attack may be launched remotely. The exploit has been...
TOTOLINK A3700R 安全漏洞
The TOTOLINK A3700R is a wireless router that provides wireless network connectivity. TOTOLINK A3700R suffers from an access control error vulnerability that originates from improper access control of the setL2tpServerCfg function in the /cgi-bin/cstecgi.cgi file, for which no detailed...
CVE-2024-42741
In TOTOLINK X5000r v9.1.0cu.2350b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setL2tpServerCfg. Authenticated Attackers can send malicious packet to execute arbitrary commands...
CVE-2024-42741
In TOTOLINK X5000r v9.1.0cu.2350b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setL2tpServerCfg. Authenticated Attackers can send malicious packet to execute arbitrary commands...
CVE-2024-42741
TOTOLINK X5000r v9.1.0cu.2350_b20230313 is affected by an OS command injection in /cgi-bin/cstecgi.cgi via setL2tpServerCfg. Authenticated attackers can send a crafted packet to execute arbitrary commands. Subsystems: the vulnerability is tied to the setL2tpServerCfg function in cstecgi.cgi, enab...
TOTOLINK X5000R 操作系统命令注入漏洞
The TOTOLINK X5000R is a router from China's Gion Electronics TOTOLINK. A command injection vulnerability exists in TOTOLINK X5000R version v9.1.0cu.2350b20230313. The vulnerability stems from the setL2tpServerCfg method of /cgi-bin/cstecgi.cgi failing to properly filter constructed command speci...
CVE-2022-28580
It is found that there is a command injection vulnerability in the setL2tpServerCfg interface in TOTOlink A7100RU v7.4cu.2313b20191024 router, which allows an attacker to execute arbitrary commands through a carefully constructed payload...
CVE-2022-28580
It is found that there is a command injection vulnerability in the setL2tpServerCfg interface in TOTOlink A7100RU v7.4cu.2313b20191024 router, which allows an attacker to execute arbitrary commands through a carefully constructed payload...
CVE-2022-28580
It is found that there is a command injection vulnerability in the setL2tpServerCfg interface in TOTOlink A7100RU v7.4cu.2313b20191024 router, which allows an attacker to execute arbitrary commands through a carefully constructed payload...
TOTOLINK A7100RU 操作系统命令注入漏洞
The TOTOLINK A7100RU is a wireless router from TOTOLINK China. A command injection vulnerability exists in the TOTOLINK A7100RU v7.4cu.2313b20191024 firmware version, which stems from a command injection attack on the setL2tpServerCfg interface. An attacker can exploit this vulnerability to execu...