CVE-2026-9454

The CVE concerns Totolink A8000RU Web Management (version 7.1cu.643_b20200521). The vulnerable component is the function setOpenVpnCertGenerationCfg in /cgi-bin/cstecgi.cgi. The root cause is a manipulation of the argument servername that leads to an OS command injection. The issue appears to be ...

CVE-2026-9454 Totolink A8000RU Web Management cstecgi.cgi setOpenVpnCertGenerationCfg os command injection

A flaw has been found in Totolink A8000RU 7.1cu.643b20200521. This vulnerability affects the function setOpenVpnCertGenerationCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Executing a manipulation of the argument servername can lead to os command injection. The...

TOTOLINK A8000RU 操作系统命令注入漏洞

The TOTOLINK A8000RU is a wireless router from China's Gion Electronics TOTOLINK. An operating system command injection vulnerability exists in the Totolink A8000RU version 7.1cu.643b20200521, which originates from the function /cgi-bin/cstecgi.cgi in the file /cgi-bin/cstecgi.cgi in the componen...

CVE-2022-48126

TOTOlink A7100RU V7.4cu.2313B20191024 was discovered to contain a command injection vulnerability via the username parameter in the setting/setOpenVpnCertGenerationCfg function...

CVE-2022-48125

TOTOlink A7100RU V7.4cu.2313B20191024 was discovered to contain a command injection vulnerability via the password parameter in the setting/setOpenVpnCertGenerationCfg function...

CVE-2022-48124

TOTOlink A7100RU V7.4cu.2313B20191024 was discovered to contain a command injection vulnerability via the FileName parameter in the setting/setOpenVpnCertGenerationCfg function...

Command injection

TOTOlink A7100RU V7.4cu.2313B20191024 was discovered to contain a command injection vulnerability via the username parameter in the setting/setOpenVpnCertGenerationCfg function...

Command injection

TOTOlink A7100RU V7.4cu.2313B20191024 was discovered to contain a command injection vulnerability via the password parameter in the setting/setOpenVpnCertGenerationCfg function...

Command injection

TOTOlink A7100RU V7.4cu.2313B20191024 was discovered to contain a command injection vulnerability via the FileName parameter in the setting/setOpenVpnCertGenerationCfg function...

CVE-2022-48125

TOTOlink A7100RU V7.4cu.2313B20191024 was discovered to contain a command injection vulnerability via the password parameter in the setting/setOpenVpnCertGenerationCfg function...

TOTOLINK A7100RU 操作系统命令注入漏洞

The TOTOLINK A7100RU is a wireless router from China's Gion Electronics TOTOLINK. An operating system command injection vulnerability exists in the TOTOlink A7100RU V7.4cu.2313B20191024 version, which stems from the username parameter of the setting/setOpenVpnCertGenerationCfg method containing a...

CVE-2022-48124

TOTOlink A7100RU V7.4cu.2313B20191024 was discovered to contain a command injection vulnerability via the FileName parameter in the setting/setOpenVpnCertGenerationCfg function...