EUVD-2026-21808

A security flaw has been discovered in Totolink A7100RU 7.4cu.2313b20191024. The affected element is the function setWizardCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Performing a manipulation of the argument wizard results in os command injection. The attack may be initiat...

The vulnerability of the setWizardCfg function in the /cgi-bin/cstecgi.cgi file of the TOTOLINK N350RT router’s software, which allows a perpetrator to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the setWizardCfg function in the /cgi-bin/cstecgi.cgi file of the TOTOLINK N350RT router microprogramming system is related to the issue of data being written outside of the buffer in memory when processing the ssid parameter. Exploiting this vulnerability allows an attacker ...

CVE-2024-37637

TOTOLINK A3700R V9.1.2u.616520211012 was discovered to contain a stack overflow via ssid5g in the function setWizardCfg...

PT-2023-31737 · Totolink · Totolink Ex1800T

Name of the Vulnerable Software and Affected Versions: TOTOlink EX1800T version 9.1.0cu.2112 B20220316 Description: The issue allows for unauthorized arbitrary command execution. This is possible through the merge parameter of the "setRptWizardCfg" interface in the "cstecgi.cgi" endpoint...