38 matches found
CVE-2026-7548
A vulnerability was detected in Totolink NR1800X 9.1.0u.6279B20210910. This affects the function sub41A68C of the file /cgi-bin/cstecgi.cgi. Performing a manipulation of the argument setUssd results in command injection. The attack is possible to be carried out remotely. The exploit is now public...
CVE-2026-7548
A vulnerability was detected in Totolink NR1800X 9.1.0u.6279B20210910. This affects the function sub41A68C of the file /cgi-bin/cstecgi.cgi. Performing a manipulation of the argument setUssd results in command injection. The attack is possible to be carried out remotely. The exploit is now public...
CVE-2026-7548
A vulnerability was detected in Totolink NR1800X 9.1.0u.6279B20210910. This affects the function sub41A68C of the file /cgi-bin/cstecgi.cgi. Performing a manipulation of the argument setUssd results in command injection. The attack is possible to be carried out remotely. The exploit is now public...
CVE-2026-7548
Totolink NR1800X firmware 9.1.0u.6279_B20210910 is affected. Vulnerable component: /cgi-bin/cstecgi.cgi, function sub_41A68C; manipulating the argument setUssd enables remote command injection. Exploit public. CVSS metrics indicate high impact and network-based access with low complexity. Impact ...
CVE-2026-7548 Totolink NR1800X cstecgi.cgi sub_41A68C command injection
A vulnerability was detected in Totolink NR1800X 9.1.0u.6279B20210910. This affects the function sub41A68C of the file /cgi-bin/cstecgi.cgi. Performing a manipulation of the argument setUssd results in command injection. The attack is possible to be carried out remotely. The exploit is now public...
EUVD-2026-26472
A vulnerability was detected in Totolink NR1800X 9.1.0u.6279B20210910. This affects the function sub41A68C of the file /cgi-bin/cstecgi.cgi. Performing a manipulation of the argument setUssd results in command injection. The attack is possible to be carried out remotely. The exploit is now public...
CVE-2026-7548 Totolink NR1800X cstecgi.cgi sub_41A68C command injection
A vulnerability was detected in Totolink NR1800X 9.1.0u.6279B20210910. This affects the function sub41A68C of the file /cgi-bin/cstecgi.cgi. Performing a manipulation of the argument setUssd results in command injection. The attack is possible to be carried out remotely. The exploit is now public...
TOTOLINK NR1800X 注入漏洞
TOTOLINK NR1800X is an outstanding 5G NR indoor Wi-Fi and SIP CPE device from TOTOLINK Corporation. It aims to provide fast and convenient NR fixed data services for homes and offices. The TOTOLINK NR1800X version 9.1.0u.6279B20210910 contains a vulnerability that stems from the operation of the...
PT-2026-36294
A vulnerability was detected in Totolink NR1800X 9.1.0u.6279 B20210910. This affects the function sub 41A68C of the file /cgi-bin/cstecgi.cgi. Performing a manipulation of the argument setUssd results in command injection. The attack is possible to be carried out remotely. The exploit is now publ...
EUVD-2024-50523
Malicious code in bioql PyPI...
EUVD-2022-47200
Malicious code in bioql PyPI...
CVE-2024-53333
TOTOLINK EX200 v4.0.3c.7646B20201211 was found to contain a command insertion vulnerability in the setUssd function. This vulnerability allows an attacker to execute arbitrary commands via the "ussd" parameter...
CVE-2022-44251
TOTOLINK NR1800X V9.1.0u.6279B20210910 contains a command injection via the ussd parameter in the setUssd function...
CVE-2024-53333
TOTOLINK EX200 v4.0.3c.7646B20201211 was found to contain a command insertion vulnerability in the setUssd function. This vulnerability allows an attacker to execute arbitrary commands via the "ussd" parameter...
CVE-2024-53333
TOTOLINK EX200 v4.0.3c.7646B20201211 was found to contain a command insertion vulnerability in the setUssd function. This vulnerability allows an attacker to execute arbitrary commands via the "ussd" parameter...
PT-2024-35724 · Totolink · Totolink Ex200
Name of the Vulnerable Software and Affected Versions: TOTOLINK EX200 version 4.0.3c.7646 B20201211 Description: The issue is related to a command insertion vulnerability in the setUssd function. This allows an attacker to execute arbitrary commands via the ussd parameter. Recommendations: For...
CVE-2024-53333
TOTOLINK EX200 v4.0.3c.7646B20201211 was found to contain a command insertion vulnerability in the setUssd function. This vulnerability allows an attacker to execute arbitrary commands via the "ussd" parameter...
CVE-2024-53333
TOTOLINK EX200 v4.0.3c.7646B20201211 was found to contain a command insertion vulnerability in the setUssd function. This vulnerability allows an attacker to execute arbitrary commands via the "ussd" parameter...
CVE-2024-53333
Totolink EX200 (v4.0.3c.7646_B20201211) contains a command-injection vulnerability in the setUssd function, allowing arbitrary commands to be executed via the ussd parameter. The CVE entry notes a network-exposed, low-privilege path with required user interaction and a high impact on availability...
The vulnerability of the setUssd function (/cgi-bin/cstecgi.cgi) of the Totolink LR1200GB router’s microprogramming software allows a hacker to execute arbitrary code.
The vulnerability of the setUssd function /cgi-bin/cstecgi.cgi in the Totolink LR1200GB router microprogramming software exists due to the lack of measures to neutralize specific elements. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...