38 matches found
CVE-2026-7548
A vulnerability was detected in Totolink NR1800X 9.1.0u.6279B20210910. This affects the function sub41A68C of the file /cgi-bin/cstecgi.cgi. Performing a manipulation of the argument setUssd results in command injection. The attack is possible to be carried out remotely. The exploit is now public...
CVE-2026-7548
A vulnerability was detected in Totolink NR1800X 9.1.0u.6279B20210910. This affects the function sub41A68C of the file /cgi-bin/cstecgi.cgi. Performing a manipulation of the argument setUssd results in command injection. The attack is possible to be carried out remotely. The exploit is now public...
CVE-2026-7548
A vulnerability was detected in Totolink NR1800X 9.1.0u.6279B20210910. This affects the function sub41A68C of the file /cgi-bin/cstecgi.cgi. Performing a manipulation of the argument setUssd results in command injection. The attack is possible to be carried out remotely. The exploit is now public...
CVE-2026-7548 Totolink NR1800X cstecgi.cgi sub_41A68C command injection
A vulnerability was detected in Totolink NR1800X 9.1.0u.6279B20210910. This affects the function sub41A68C of the file /cgi-bin/cstecgi.cgi. Performing a manipulation of the argument setUssd results in command injection. The attack is possible to be carried out remotely. The exploit is now public...
EUVD-2026-26472
A vulnerability was detected in Totolink NR1800X 9.1.0u.6279B20210910. This affects the function sub41A68C of the file /cgi-bin/cstecgi.cgi. Performing a manipulation of the argument setUssd results in command injection. The attack is possible to be carried out remotely. The exploit is now public...
CVE-2026-7548 Totolink NR1800X cstecgi.cgi sub_41A68C command injection
A vulnerability was detected in Totolink NR1800X 9.1.0u.6279B20210910. This affects the function sub41A68C of the file /cgi-bin/cstecgi.cgi. Performing a manipulation of the argument setUssd results in command injection. The attack is possible to be carried out remotely. The exploit is now public...
CVE-2026-7548
Totolink NR1800X firmware 9.1.0u.6279_B20210910 is affected. Vulnerable component: /cgi-bin/cstecgi.cgi, function sub_41A68C; manipulating the argument setUssd enables remote command injection. Exploit public. CVSS metrics indicate high impact and network-based access with low complexity. Impact ...
TOTOLINK NR1800X 注入漏洞
TOTOLINK NR1800X is an outstanding 5G NR indoor Wi-Fi and SIP CPE device from TOTOLINK Corporation. It aims to provide fast and convenient NR fixed data services for homes and offices. The TOTOLINK NR1800X version 9.1.0u.6279B20210910 contains a vulnerability that stems from the operation of the...
PT-2026-36294
A vulnerability was detected in Totolink NR1800X 9.1.0u.6279 B20210910. This affects the function sub 41A68C of the file /cgi-bin/cstecgi.cgi. Performing a manipulation of the argument setUssd results in command injection. The attack is possible to be carried out remotely. The exploit is now publ...
EUVD-2022-47200
Malicious code in bioql PyPI...
EUVD-2024-50523
Malicious code in bioql PyPI...
CVE-2024-53333
TOTOLINK EX200 v4.0.3c.7646B20201211 was found to contain a command insertion vulnerability in the setUssd function. This vulnerability allows an attacker to execute arbitrary commands via the "ussd" parameter...
CVE-2022-44251
TOTOLINK NR1800X V9.1.0u.6279B20210910 contains a command injection via the ussd parameter in the setUssd function...
CVE-2024-53333
TOTOLINK EX200 v4.0.3c.7646B20201211 was found to contain a command insertion vulnerability in the setUssd function. This vulnerability allows an attacker to execute arbitrary commands via the "ussd" parameter...
CVE-2024-53333
TOTOLINK EX200 v4.0.3c.7646B20201211 was found to contain a command insertion vulnerability in the setUssd function. This vulnerability allows an attacker to execute arbitrary commands via the "ussd" parameter...
CVE-2024-53333
TOTOLINK EX200 v4.0.3c.7646B20201211 was found to contain a command insertion vulnerability in the setUssd function. This vulnerability allows an attacker to execute arbitrary commands via the "ussd" parameter...
PT-2024-35724 · Totolink · Totolink Ex200
Name of the Vulnerable Software and Affected Versions: TOTOLINK EX200 version 4.0.3c.7646 B20201211 Description: The issue is related to a command insertion vulnerability in the setUssd function. This allows an attacker to execute arbitrary commands via the ussd parameter. Recommendations: For...
CVE-2024-53333
Totolink EX200 (v4.0.3c.7646_B20201211) contains a command-injection vulnerability in the setUssd function, allowing arbitrary commands to be executed via the ussd parameter. The CVE entry notes a network-exposed, low-privilege path with required user interaction and a high impact on availability...
CVE-2024-53333
TOTOLINK EX200 v4.0.3c.7646B20201211 was found to contain a command insertion vulnerability in the setUssd function. This vulnerability allows an attacker to execute arbitrary commands via the "ussd" parameter...
The vulnerability of the setUssd function (/cgi-bin/cstecgi.cgi) of the Totolink LR1200GB router’s microprogramming software allows a hacker to execute arbitrary code.
The vulnerability of the setUssd function /cgi-bin/cstecgi.cgi in the Totolink LR1200GB router microprogramming software exists due to the lack of measures to neutralize specific elements. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...