EUVD-2026-31760

A vulnerability was identified in Totolink CA750-PoE 6.2c.510. This affects the function setWebWlanIdx of the file /cgi-bin/cstecgi.cgi of the component Setting Handler. Such manipulation of the argument webWlanIdx leads to os command injection. It is possible to launch the attack remotely. The...

PT-2026-36749

Name of the Vulnerable Software and Affected Versions Totolink WA300 version 5.2cu.7112 B20190227 Description An issue exists in the POST Request Handler component where the manipulation of the webWlanIdx argument in the setWebWlanIdx function of the '/cgi-bin/cstecgi.cgi' endpoint allows for...

CVE-2026-3301

A security flaw has been discovered in Totolink N300RH 6.1c.1353B20190305. Affected by this vulnerability is the function setWebWlanIdx of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Performing a manipulation of the argument webWlanIdx results in os command injection...

CVE-2026-3301 Totolink N300RH Web Management cstecgi.cgi setWebWlanIdx os command injection

A security flaw has been discovered in Totolink N300RH 6.1c.1353B20190305. Affected by this vulnerability is the function setWebWlanIdx of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Performing a manipulation of the argument webWlanIdx results in os command injection...

EUVD-2024-34686

Malicious code in bioql PyPI...

EUVD-2025-12271

Malicious code in bioql PyPI...

EUVD-2022-32937

Malicious code in bioql PyPI...

CVE-2022-28909

TOTOLink N600R V5.3c.7159B20190425 was discovered to contain a command injection vulnerability via the webwlanidx parameter in /setting/setWebWlanIdx...

CVE-2025-44847

TOTOLINK CA600-PoE V5.3c.6665B20180820 was found to contain a command injection vulnerability in the setWebWlanIdx function via the webWlanIdx parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request...

CVE-2025-44847

TOTOLINK CA600-PoE V5.3c.6665B20180820 was found to contain a command injection vulnerability in the setWebWlanIdx function via the webWlanIdx parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request...

CVE-2025-44847

CVE-2025-44847 affects TOTOLINK CA600-PoE, specifically version 5.3c.6665_B20180820. The root cause is a command injection vulnerability in the setWebWlanIdx function triggered by the webWlanIdx parameter, allowing an attacker to execute arbitrary commands via a crafted request. CVSS metrics (rep...

TOTOLINK EX1200T Command Execution Vulnerability

The TOTOLINK EX1200T is a wireless router from TOTOLINK that offers convenient network connectivity and management features. The TOTOLINK EX1200T suffers from a command execution vulnerability that originates from the presence of a pre-authenticated remote command execution of the webWlanIdx...

CVE-2025-28038

TOTOLINK EX1200T V4.1.2cu.5232B20210713 was found to contain a pre-auth remote command execution vulnerability in the setWebWlanIdx function through the webWlanIdx parameter...

CVE-2025-28038

TOTOLINK EX1200T V4.1.2cu.5232B20210713 was found to contain a pre-auth remote command execution vulnerability in the setWebWlanIdx function through the webWlanIdx parameter...

TOTOLINK EX1200T 安全漏洞

The TOTOLINK EX1200T is a wireless router from TOTOLINK that offers convenient network connectivity and management features. The TOTOLINK EX1200T suffers from a command execution vulnerability that originates from the presence of a pre-authenticated remote command execution of the webWlanIdx...

CVE-2025-28038

TOTOLINK EX1200T V4.1.2cu.5232B20210713 was found to contain a pre-auth remote command execution vulnerability in the setWebWlanIdx function through the webWlanIdx parameter...

CVE-2025-28038

TOTOLINK EX1200T V4.1.2cu.5232B20210713 was found to contain a pre-auth remote command execution vulnerability in the setWebWlanIdx function through the webWlanIdx parameter...

CVE-2024-34206

TOTOLINK outdoor CPE CP450 v4.1.0cu.747B20191224 was discovered to contain a command injection vulnerability in the setWebWlanIdx function via the webWlanIdx parameter...

CVE-2024-34206

TOTOLINK outdoor CPE CP450 v4.1.0cu.747B20191224 was discovered to contain a command injection vulnerability in the setWebWlanIdx function via the webWlanIdx parameter...

TOTOLINK EX200 setWebWlanIdx Method Code Execution Vulnerability

TOTOLINK EX200 is a wireless N range extender from China Gion Electronics TOTOLINK , which is mainly used to extend the coverage of the existing Wi-Fi network and solve the problem of signal blind zones. A code execution vulnerability exists in the TOTOLINK EX200, which stems from the webWlanIdx...