Lucene search
K

9 matches found

RedhatCVE
RedhatCVE
added 2026/04/29 2:48 p.m.7 views

CVE-2026-7240

A vulnerability has been found in Totolink A8000RU 7.1cu.643b20200521. This vulnerability affects the function setVpnAccountCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument User leads to os command injection. The attack can be executed remotely...

10CVSS8.1AI score0.02426EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/28 7:15 a.m.6 views

CVE-2026-7240

A vulnerability has been found in Totolink A8000RU 7.1cu.643b20200521. This vulnerability affects the function setVpnAccountCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument User leads to os command injection. The attack can be executed remotely...

10CVSS5.3AI score0.02426EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2026/04/28 7:15 a.m.38 views

CVE-2026-7240 Totolink A8000RU CGI cstecgi.cgi setVpnAccountCfg os command injection

A vulnerability has been found in Totolink A8000RU 7.1cu.643b20200521. This vulnerability affects the function setVpnAccountCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument User leads to os command injection. The attack can be executed remotely...

10CVSS0.02426EPSS
Exploits0References5
EUVD
EUVD
added 2026/04/28 7:15 a.m.7 views

EUVD-2026-26010

A vulnerability has been found in Totolink A8000RU 7.1cu.643b20200521. This vulnerability affects the function setVpnAccountCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument User leads to os command injection. The attack can be executed remotely...

10CVSS8.1AI score0.02426EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/04/28 12:0 a.m.9 views

TOTOLINK A8000RU 命令注入漏洞

TOTOLINK A8000RU is a wireless router produced by TOTOLINK, a Chinese company. The TOTOLINK A8000RU 7.1cu.643b20200521 version contains a command injection vulnerability. This vulnerability stems from the operation of the User parameter in the setVpnAccountCfg function of the /cgi-bin/cstecgi.cgi...

10CVSS7.3AI score0.02426EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/04/10 6:30 a.m.42 views

CVE-2026-6029 Totolink A7100RU CGI cstecgi.cgi setVpnAccountCfg os command injection

A vulnerability was detected in Totolink A7100RU 7.4cu.2313b20191024. The affected element is the function setVpnAccountCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument User results in os command injection. The attack may be launched remotely. Th...

10CVSS0.02981EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2025/01/22 12:0 a.m.8 views

The vulnerability of the setVpnAccountCfg function in the microprogramming software for TOTOLINK X5000R allows a perpetrator to execute arbitrary commands.

The vulnerability of the setVpnAccountCfg function in TOTOLINK X5000R router microprogramming software lies in the lack of measures to neutralize special elements used in the operating system’s processing of the limit parameter. Exploiting this vulnerability allows a remote attacker to execute...

10CVSS8.3AI score0.01573EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2025/01/15 5:15 p.m.4 views

CVE-2024-57019

TOTOLINK X5000R V9.1.0cu.2350B20230313 was discovered to contain an OS command injection vulnerability via the "limit" parameter in setVpnAccountCfg...

8.8CVSS7.5AI score0.01573EPSS
Exploits1References2
Prion
Prion
added 2020/01/13 2:15 p.m.17 views

Cross site request forgery (csrf)

Freebox OS Web interface 3.0.2 has CSRF which can allow VPN user account creation...

4.3CVSS7.2AI score0.00794EPSS
Exploits2References3Affected Software1
Rows per page
Query Builder