PT-2026-31590

Name of the Vulnerable Software and Affected Versions Totolink A7100RU version 7.4cu.2313 b20191024 Description A security flaw exists in the CGI Handler component of Totolink A7100RU 7.4cu.2313 b20191024. The setUPnPCfg function within the /cgi-bin/cstecgi.cgi file is susceptible to os command...

EUVD-2025-33269

A vulnerability has been found in Tenda AC7 15.03.06.44. Impacted is an unknown function of the file /goform/SetUpnpCfg. Such manipulation of the argument upnpEn leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used...

PT-2025-41327

Name of the Vulnerable Software and Affected Versions Tenda AC7 version 15.03.06.44 Description A stack-based buffer overflow exists in Tenda AC7 version 15.03.06.44. The issue is due to the manipulation of the upnpEn parameter within the /goform/SetUpnpCfg file. This allows for remote...

PT-2025-16556 · Totolink · Totolink A3700R

Name of the Vulnerable Software and Affected Versions: TOTOLINK A3700R version 9.1.2u.5822 B20200513 Description: A critical issue affects the setUPnPCfg function of the file /cgi-bin/cstecgi.cgi, leading to improper access controls. The manipulation can be initiated remotely. The exploit has bee...