CVE-2026-9408

A vulnerability was detected in Totolink A8000RU 7.1cu.643b20200521. Affected by this issue is the function setStaticDhcpRules of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. The manipulation of the argument enable results in os command injection. The attack may be...

CVE-2026-9408

A vulnerability was detected in Totolink A8000RU 7.1cu.643b20200521. Affected by this issue is the function setStaticDhcpRules of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. The manipulation of the argument enable results in os command injection. The attack may be...

EUVD-2026-31609

A vulnerability was detected in Totolink A8000RU 7.1cu.643b20200521. Affected by this issue is the function setStaticDhcpRules of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. The manipulation of the argument enable results in os command injection. The attack may be...

CVE-2026-9408 Totolink A8000RU Web Management cstecgi.cgi setStaticDhcpRules os command injection

A vulnerability was detected in Totolink A8000RU 7.1cu.643b20200521. Affected by this issue is the function setStaticDhcpRules of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. The manipulation of the argument enable results in os command injection. The attack may be...

PT-2026-42979

A vulnerability was detected in Totolink A8000RU 7.1cu.643 b20200521. Affected by this issue is the function setStaticDhcpRules of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. The manipulation of the argument enable results in os command injection. The attack may be...

TOTOLINK A8000RU 操作系统命令注入漏洞

The TOTOLINK A8000RU is a wireless router from China's Gion Electronics TOTOLINK. The Totolink A8000RU version 7.1cu.643b20200521 suffers from an OS command injection vulnerability that originates from the parameter enable of the function setStaticDhcpRules in the Web Management Interface compone...

CVE-2024-24326

TOTOLINK A3300R V17.0.0cu.557B20221024 was discovered to contain a command injection vulnerability via the arpEnable parameter in the setStaticDhcpRules function...

CVE-2024-8577

A vulnerability was found in TOTOLINK AC1200 T8 and AC1200 T10 4.1.5cu.861B20230220/4.1.8cu.5207. It has been declared as critical. Affected by this vulnerability is the function setStaticDhcpRules of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument desc leads to buffer overflow. T...

CVE-2024-8577

CVE-2024-8577 affects TOTOLINK AC1200 T8 and T10 (versions 4.1.5cu.861 B20230220 through 4.1.8cu.5207). The vulnerability resides in the function setStaticDhcpRules of /cgi-bin/cstecgi.cgi, where improper handling of the desc parameter can trigger a buffer overflow. It is exploitable remotely, an...

CVE-2024-8577 TOTOLINK AC1200 T8/AC1200 T10 cstecgi.cgi setStaticDhcpRules buffer overflow

A vulnerability was found in TOTOLINK AC1200 T8 and AC1200 T10 4.1.5cu.861B20230220/4.1.8cu.5207. It has been declared as critical. Affected by this vulnerability is the function setStaticDhcpRules of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument desc leads to buffer overflow. T...

TOTOLINK AC1200 安全漏洞

TOTOLINK AC1200 is a dual-band Wi-Fi router from China's Gion Electronics TOTOLINK. The TOTOLINK AC1200 suffers from a buffer overflow vulnerability that originates from the desc parameter in the setStaticDhcpRules method of the /cgi-bin/cstecgi.cgi page that contains a buffer overflow...

PT-2024-39114 · Totolink · Totolink Ac1200 T10 +1

Name of the Vulnerable Software and Affected Versions: TOTOLINK AC1200 T8 and AC1200 T10 versions 4.1.5cu.861 B20230220 through 4.1.8cu.5207 Description: A critical vulnerability was found in the affected software. The issue affects the function setStaticDhcpRules of the file /cgi-bin/cstecgi.cgi...

TOTOLINK A3300R setStaticDhcpRules Method Command Injection Vulnerability

TOTOLINK A3300R is a dual-band wireless router manufactured by China's Gion Electronics TOTOLINK, mainly used for home and small network environments. The TOTOLINK A3300R suffers from a command injection vulnerability that stems from the failure of the arpEnable parameter of the setStaticDhcpRule...

CVE-2024-24326

TOTOLINK A3300R V17.0.0cu.557B20221024 was discovered to contain a command injection vulnerability via the arpEnable parameter in the setStaticDhcpRules function...

CVE-2024-24326

TOTOLINK A3300R V17.0.0cu.557B20221024 was discovered to contain a command injection vulnerability via the arpEnable parameter in the setStaticDhcpRules function...

Command injection

TOTOLINK A3300R V17.0.0cu.557B20221024 was discovered to contain a command injection vulnerability via the arpEnable parameter in the setStaticDhcpRules function...

CVE-2024-24326

TOTOLINK A3300R V17.0.0cu.557B20221024 was discovered to contain a command injection vulnerability via the arpEnable parameter in the setStaticDhcpRules function...

TOTOLINK A3300R 安全漏洞

TOTOLINK A3300R is a dual-band wireless router manufactured by China's Gion Electronics TOTOLINK, mainly used for home and small network environments. The TOTOLINK A3300R suffers from a command injection vulnerability that stems from the failure of the arpEnable parameter of the setStaticDhcpRule...

CVE-2024-24326

TOTOLINK A3300R V17.0.0cu.557B20221024 was discovered to contain a command injection vulnerability via the arpEnable parameter in the setStaticDhcpRules function...

CVE-2024-24326

TOTOLINK A3300R firmware V17.0.0cu.557_B20221024 is affected by a command-injection vulnerability in the setStaticDhcpRules function via the arpEnable parameter. The root cause is insufficient input filtering for constructed command characters, enabling remote command execution with network acces...