Totolink A7100Ru vulnerabilities

CVE-2026-6155 [HIGH] CWE-77 CVE-2026-6155: A weakness has been identified in Totolink A7100RU 7.4cu.2313. The impacted element is the function A weakness has been identified in Totolink A7100RU 7.4cu.2313. The impacted element is the function setWanCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Executing a manipulation of the argument pppoeServiceName can lead to os command injection. The attack may be launched remotely. The exploit has been made available to the public and c

CVE-2026-6140 [HIGH] CWE-77 CVE-2026-6140: A vulnerability was found in Totolink A7100RU 7.4cu.2313_b20191024. This impacts the function Upload A vulnerability was found in Totolink A7100RU 7.4cu.2313_b20191024. This impacts the function UploadFirmwareFile of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Performing a manipulation of the argument FileName results in os command injection. The attack may be initiated remotely. The exploit has been made public and could be used.

CVE-2026-6154 [HIGH] CWE-77 CVE-2026-6154: A security flaw has been discovered in Totolink A7100RU 7.4cu.2313_b20191024. The affected element i A security flaw has been discovered in Totolink A7100RU 7.4cu.2313_b20191024. The affected element is the function setWizardCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Performing a manipulation of the argument wizard results in os command injection. The attack may be initiated remotely. The exploit has been released to the public a

CVE-2026-6139 [HIGH] CWE-77 CVE-2026-6139: A vulnerability has been found in Totolink A7100RU 7.4cu.2313_b20191024. This affects the function U A vulnerability has been found in Totolink A7100RU 7.4cu.2313_b20191024. This affects the function UploadOpenVpnCert of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument FileName leads to os command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

CVE-2026-6156 [HIGH] CWE-77 CVE-2026-6156: A security vulnerability has been detected in Totolink A7100RU 7.4cu.2313_b20191024. This affects th A security vulnerability has been detected in Totolink A7100RU 7.4cu.2313_b20191024. This affects the function setIpQosRules of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument Comment leads to os command injection. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may b

CVE-2026-6195 [HIGH] CWE-77 CVE-2026-6195: A security vulnerability has been detected in Totolink A7100RU 7.4cu.2313_b20191024. Affected by thi A security vulnerability has been detected in Totolink A7100RU 7.4cu.2313_b20191024. Affected by this issue is the function setPasswordCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument admpass leads to os command injection. The attack can be executed remotely. The exploit has been disclosed publicly and

CVE-2026-6138 [HIGH] CWE-77 CVE-2026-6138: A flaw has been found in Totolink A7100RU 7.4cu.2313_b20191024. The impacted element is the function A flaw has been found in Totolink A7100RU 7.4cu.2313_b20191024. The impacted element is the function setAccessDeviceCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. This manipulation of the argument mac causes os command injection. The attack can be initiated remotely. The exploit has been published and may be used.

CVE-2026-6115 [HIGH] CWE-77 CVE-2026-6115: A flaw has been found in Totolink A7100RU 7.4cu.2313_b20191024. This affects the function setAppCfg A flaw has been found in Totolink A7100RU 7.4cu.2313_b20191024. This affects the function setAppCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Executing a manipulation of the argument enable can lead to os command injection. The attack may be launched remotely. The exploit has been published and may be used.

CVE-2026-6132 [HIGH] CWE-77 CVE-2026-6132: A vulnerability was determined in Totolink A7100RU 7.4cu.2313_b20191024. Affected by this issue is t A vulnerability was determined in Totolink A7100RU 7.4cu.2313_b20191024. Affected by this issue is the function setLedCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. This manipulation of the argument enable causes os command injection. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may be uti

CVE-2026-6131 [HIGH] CWE-77 CVE-2026-6131: A vulnerability was found in Totolink A7100RU 7.4cu.2313_b20191024. Affected by this vulnerability i A vulnerability was found in Totolink A7100RU 7.4cu.2313_b20191024. Affected by this vulnerability is the function setTracerouteCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument command results in os command injection. The attack may be launched remotely. The exploit has been made public and could be used

CVE-2026-6112 [HIGH] CWE-77 CVE-2026-6112: A weakness has been identified in Totolink A7100RU 7.4cu.2313_b20191024. Affected is the function se A weakness has been identified in Totolink A7100RU 7.4cu.2313_b20191024. Affected is the function setRadvdCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. This manipulation of the argument maxRtrAdvInterval causes os command injection. The attack can be initiated remotely. The exploit has been made available to the public and could be u

CVE-2026-6114 [HIGH] CWE-77 CVE-2026-6114: A vulnerability was detected in Totolink A7100RU 7.4cu.2313_b20191024. Affected by this issue is the A vulnerability was detected in Totolink A7100RU 7.4cu.2313_b20191024. Affected by this issue is the function setNetworkCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Performing a manipulation of the argument proto results in os command injection. The attack may be initiated remotely. The exploit is now public and may be used.

CVE-2026-6113 [HIGH] CWE-77 CVE-2026-6113: A security vulnerability has been detected in Totolink A7100RU 7.4cu.2313_b20191024. Affected by thi A security vulnerability has been detected in Totolink A7100RU 7.4cu.2313_b20191024. Affected by this vulnerability is the function setTtyServiceCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument ttyEnable leads to os command injection. The attack can be launched remotely. The exploit has been disclosed p

CVE-2026-6116 [HIGH] CWE-77 CVE-2026-6116: A vulnerability has been found in Totolink A7100RU 7.4cu.2313_b20191024. This vulnerability affects A vulnerability has been found in Totolink A7100RU 7.4cu.2313_b20191024. This vulnerability affects the function setDiagnosisCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument ip leads to os command injection. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and ma

CVE-2026-5995 [HIGH] CWE-77 CVE-2026-5995: A weakness has been identified in Totolink A7100RU 7.4cu.2313_b20191024. Impacted is the function se A weakness has been identified in Totolink A7100RU 7.4cu.2313_b20191024. Impacted is the function setMiniuiHomeInfoShow of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Executing a manipulation of the argument lan_info can lead to os command injection. The attack may be performed from remote. The exploit has been made available to the publi

CVE-2026-5996 [HIGH] CWE-77 CVE-2026-5996: A security vulnerability has been detected in Totolink A7100RU 7.4cu.2313_b20191024. The affected el A security vulnerability has been detected in Totolink A7100RU 7.4cu.2313_b20191024. The affected element is the function setAdvancedInfoShow of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument tty_server leads to os command injection. It is possible to initiate the attack remotely. The exploit has been disclos

CVE-2026-6027 [HIGH] CWE-77 CVE-2026-6027: A weakness has been identified in Totolink A7100RU 7.4cu.2313_b20191024. This issue affects the func A weakness has been identified in Totolink A7100RU 7.4cu.2313_b20191024. This issue affects the function setUrlFilterRules of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Executing a manipulation of the argument enable can lead to os command injection. The attack can be launched remotely. The exploit has been made available to the public a

CVE-2026-6025 [HIGH] CWE-77 CVE-2026-6025: A vulnerability was identified in Totolink A7100RU 7.4cu.2313_b20191024. This affects the function s A vulnerability was identified in Totolink A7100RU 7.4cu.2313_b20191024. This affects the function setSyslogCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument enable leads to os command injection. It is possible to launch the attack remotely. The exploit is publicly available and might be used.

CVE-2026-6028 [HIGH] CWE-77 CVE-2026-6028: A security vulnerability has been detected in Totolink A7100RU 7.4cu.2313_b20191024. Impacted is the A security vulnerability has been detected in Totolink A7100RU 7.4cu.2313_b20191024. Impacted is the function setPptpServerCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument enable leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed publicly and may be used.

CVE-2026-6026 [HIGH] CWE-77 CVE-2026-6026: A security flaw has been discovered in Totolink A7100RU 7.4cu.2313_b20191024. This vulnerability aff A security flaw has been discovered in Totolink A7100RU 7.4cu.2313_b20191024. This vulnerability affects the function setPortalConfWeChat of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Performing a manipulation of the argument enable results in os command injection. The attack can be initiated remotely. The exploit has been released to th