PT-2026-33083

Multiple vulnerabilities in Cisco Unity Connection could allow an authenticated, remote attacker to download arbitrary files from an affected system. To exploit these vulnerabilities, the attacker must have valid administrative credentials. These vulnerabilities are due to improper sanitization o...

PT-2026-33082

A vulnerability in the web-based management interface of Cisco Unity Connection could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. This vulnerability is due to improper input validation of HTTP request parameters. An attacker could exploit this vulnerabili...

CVE-2026-6114

A vulnerability was detected in Totolink A7100RU 7.4cu.2313b20191024. Affected by this issue is the function setNetworkCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Performing a manipulation of the argument proto results in os command injection. The attack may be initiated...

CVE-2026-6131

A vulnerability was found in Totolink A7100RU 7.4cu.2313b20191024. Affected by this vulnerability is the function setTracerouteCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument command results in os command injection. The attack may be launched...

CVE-2026-5993

A vulnerability was identified in Totolink A7100RU 7.4cu.2313b20191024. This vulnerability affects the function setWiFiGuestCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument wifiOff leads to os command injection. The attack can be executed...

Schneider Electric PowerChute Serial Shutdown 日志信息泄露漏洞

Schneider Electric PowerChute Serial Shutdown is a UPS management, normal shutdown and energy management software from Schneider Electric France. Schneider Electric PowerChute Serial Shutdown suffers from a log information disclosure vulnerability that can be exploited by an attacker to cause a W...

CVE-2026-6195

A security vulnerability has been detected in Totolink A7100RU 7.4cu.2313b20191024. Affected by this issue is the function setPasswordCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument admpass leads to os command injection. The attack can be...

CVE-2026-6154

A security flaw has been discovered in Totolink A7100RU 7.4cu.2313b20191024. The affected element is the function setWizardCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Performing a manipulation of the argument wizard results in os command injection. The attack may be initiat...

CVE-2026-6156

Totolink A7100RU (firmware 7.4cu.2313_b20191024) is affected via CGI Handler’s setIpQosRules function in /cgi-bin/cstecgi.cgi. Manipulating the Comment argument enables os command injection with remote exploitation reported. Public exploits exist. Affected product details and impact are corrobora...

CVE-2026-6155 Totolink A7100RU CGI cstecgi.cgi setWanCfg os command injection

A weakness has been identified in Totolink A7100RU 7.4cu.2313. The impacted element is the function setWanCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Executing a manipulation of the argument pppoeServiceName can lead to os command injection. The attack may be launched...

CVE-2026-6154 Totolink A7100RU CGI cstecgi.cgi setWizardCfg os command injection

A security flaw has been discovered in Totolink A7100RU 7.4cu.2313b20191024. The affected element is the function setWizardCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Performing a manipulation of the argument wizard results in os command injection. The attack may be initiat...

VulnCheck KEV: CVE-2026-33032

Nginx UI is a web user interface for the Nginx web server. In versions 2.3.5 and prior, the nginx-ui MCP Model Context Protocol integration exposes two HTTP endpoints: /mcp and /mcpmessage. While /mcp requires both IP whitelisting and authentication AuthRequired middleware, the /mcpmessage endpoi...

CVE-2026-6132

A vulnerability was determined in Totolink A7100RU 7.4cu.2313b20191024. Affected by this issue is the function setLedCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. This manipulation of the argument enable causes os command injection. Remote exploitation of the attack is...

CVE-2026-6114

A vulnerability was detected in Totolink A7100RU 7.4cu.2313b20191024. Affected by this issue is the function setNetworkCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Performing a manipulation of the argument proto results in os command injection. The attack may be initiated...

CVE-2026-6114

A vulnerability was detected in Totolink A7100RU 7.4cu.2313b20191024. Affected by this issue is the function setNetworkCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Performing a manipulation of the argument proto results in os command injection. The attack may be initiated...

CVE-2026-6114

Totolink A7100RU (firmware 7.4cu.2313_b20191024) is affected via the CGI Handler function setNetworkCfg in /cgi-bin/cstecgi.cgi. Manipulating the proto argument yields an OS command injection, with remote feasibility. Public exploit exists (exploit code maturity: PROOF-OF-CONCEPT; CVSSv3.1 base 9...

CVE-2026-6112

A weakness has been identified in Totolink A7100RU 7.4cu.2313b20191024. Affected is the function setRadvdCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. This manipulation of the argument maxRtrAdvInterval causes os command injection. The attack can be initiated remotely. The...

CVE-2026-6112 Totolink A7100RU CGI cstecgi.cgi setRadvdCfg os command injection

A weakness has been identified in Totolink A7100RU 7.4cu.2313b20191024. Affected is the function setRadvdCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. This manipulation of the argument maxRtrAdvInterval causes os command injection. The attack can be initiated remotely. The...

PT-2026-32189

Name of the Vulnerable Software and Affected Versions Totolink A7100RU version 7.4cu.2313 b20191024 Description A vulnerability exists in the Totolink A7100RU version 7.4cu.2313 b20191024. The setTracerouteCfg function within the /cgi-bin/cstecgi.cgi component CGI Handler is susceptible to OS...

PT-2026-32146

Name of the Vulnerable Software and Affected Versions Totolink A7100RU version 7.4cu.2313 b20191024 Description A security flaw exists in Totolink A7100RU 7.4cu.2313 b20191024. The setTtyServiceCfg function within the CGI Handler component, located in the file /cgi-bin/cstecgi.cgi, is susceptible...