Totolink A7100Ru vulnerabilities

CVE-2026-5993 [HIGH] CWE-77 CVE-2026-5993: A vulnerability was identified in Totolink A7100RU 7.4cu.2313_b20191024. This vulnerability affects A vulnerability was identified in Totolink A7100RU 7.4cu.2313_b20191024. This vulnerability affects the function setWiFiGuestCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument wifiOff leads to os command injection. The attack can be executed remotely. The exploit is publicly available and might be used.

CVE-2026-5994 [HIGH] CWE-77 CVE-2026-5994: A security flaw has been discovered in Totolink A7100RU 7.4cu.2313_b20191024. This issue affects the A security flaw has been discovered in Totolink A7100RU 7.4cu.2313_b20191024. This issue affects the function setTelnetCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Performing a manipulation of the argument telnet_enabled results in os command injection. The attack is possible to be carried out remotely. The exploit has been released

CVE-2026-5997 [HIGH] CWE-77 CVE-2026-5997: A vulnerability was detected in Totolink A7100RU 7.4cu.2313_b20191024. The impacted element is the f A vulnerability was detected in Totolink A7100RU 7.4cu.2313_b20191024. The impacted element is the function setLoginPasswordCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument admpass results in os command injection. It is possible to launch the attack remotely. The exploit is now public and may be used.

CVE-2026-6029 [HIGH] CWE-77 CVE-2026-6029: A vulnerability was detected in Totolink A7100RU 7.4cu.2313_b20191024. The affected element is the f A vulnerability was detected in Totolink A7100RU 7.4cu.2313_b20191024. The affected element is the function setVpnAccountCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument User results in os command injection. The attack may be launched remotely. The exploit is now public and may be used.

CVE-2026-5977 [HIGH] CWE-77 CVE-2026-5977: A weakness has been identified in Totolink A7100RU 7.4cu.2313_b20191024. This impacts the function s A weakness has been identified in Totolink A7100RU 7.4cu.2313_b20191024. This impacts the function setWiFiBasicCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Executing a manipulation of the argument wifiOff can lead to os command injection. It is possible to launch the attack remotely. The exploit has been made available to the public

CVE-2026-5852 [HIGH] CWE-77 CVE-2026-5852: A weakness has been identified in Totolink A7100RU 7.4cu.2313_b20191024. Affected is the function se A weakness has been identified in Totolink A7100RU 7.4cu.2313_b20191024. Affected is the function setIptvCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. This manipulation of the argument igmpVer causes os command injection. The attack is possible to be carried out remotely. The exploit has been made available to the public and could be

CVE-2026-5975 [HIGH] CWE-77 CVE-2026-5975: A vulnerability was identified in Totolink A7100RU 7.4cu.2313_b20191024. The impacted element is the A vulnerability was identified in Totolink A7100RU 7.4cu.2313_b20191024. The impacted element is the function setDmzCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument wanIdx leads to os command injection. The attack may be performed from remote. The exploit is publicly available and might be used.

CVE-2026-5978 [HIGH] CWE-77 CVE-2026-5978: A security vulnerability has been detected in Totolink A7100RU 7.4cu.2313_b20191024. Affected is the A security vulnerability has been detected in Totolink A7100RU 7.4cu.2313_b20191024. Affected is the function setWiFiAclRules of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument mode leads to os command injection. The attack can be initiated remotely. The exploit has been disclosed publicly and may be used.

CVE-2026-5976 [HIGH] CWE-77 CVE-2026-5976: A security flaw has been discovered in Totolink A7100RU 7.4cu.2313_b20191024. This affects the funct A security flaw has been discovered in Totolink A7100RU 7.4cu.2313_b20191024. This affects the function setStorageCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Performing a manipulation of the argument sambaEnabled results in os command injection. It is possible to initiate the attack remotely. The exploit has been released to the pu

CVE-2026-5854 [HIGH] CWE-77 CVE-2026-5854: A vulnerability was detected in Totolink A7100RU 7.4cu.2313_b20191024. Affected by this issue is the A vulnerability was detected in Totolink A7100RU 7.4cu.2313_b20191024. Affected by this issue is the function setWiFiEasyCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Performing a manipulation of the argument merge results in os command injection. It is possible to initiate the attack remotely. The exploit is now public and may be us

CVE-2026-5853 [HIGH] CWE-77 CVE-2026-5853: A security vulnerability has been detected in Totolink A7100RU 7.4cu.2313_b20191024. Affected by thi A security vulnerability has been detected in Totolink A7100RU 7.4cu.2313_b20191024. Affected by this vulnerability is the function setIpv6LanCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument addrPrefixLen leads to os command injection. The attack may be performed from remote. The exploit has been disclo

CVE-2026-5851 [HIGH] CWE-77 CVE-2026-5851: A security flaw has been discovered in Totolink A7100RU 7.4cu.2313_b20191024. This impacts the funct A security flaw has been discovered in Totolink A7100RU 7.4cu.2313_b20191024. This impacts the function setUPnPCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument enable results in os command injection. The attack can be executed remotely. The exploit has been released to the public and may be used for atta

CVE-2026-5850 [HIGH] CWE-77 CVE-2026-5850: A vulnerability was identified in Totolink A7100RU 7.4cu.2313_b20191024. This affects the function s A vulnerability was identified in Totolink A7100RU 7.4cu.2313_b20191024. This affects the function setVpnPassCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument pptpPassThru leads to os command injection. Remote exploitation of the attack is possible. The exploit is publicly available and might be used.

CVE-2026-5692 [MEDIUM] CWE-77 CVE-2026-5692: A vulnerability was found in Totolink A7100RU 7.4cu.2313_b20191024. This impacts the function setGam A vulnerability was found in Totolink A7100RU 7.4cu.2313_b20191024. This impacts the function setGameSpeedCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument enable results in os command injection. The attack may be performed from remote. The exploit has been made public and could be used.

CVE-2026-5688 [MEDIUM] CWE-77 CVE-2026-5688: A security vulnerability has been detected in Totolink A7100RU 7.4cu.2313_b20191024. Impacted is the A security vulnerability has been detected in Totolink A7100RU 7.4cu.2313_b20191024. Impacted is the function setDdnsCfg of the file /cgi-bin/cstecgi.cgi. Such manipulation of the argument provider leads to os command injection. The attack may be launched remotely. The exploit has been disclosed publicly and may be used.

CVE-2026-5677 [MEDIUM] CWE-77 CVE-2026-5677: A security flaw has been discovered in Totolink A7100RU 7.4cu.2313_b20191024. Impacted is the functi A security flaw has been discovered in Totolink A7100RU 7.4cu.2313_b20191024. Impacted is the function CsteSystem of the file /cgi-bin/cstecgi.cgi. Performing a manipulation of the argument resetFlags results in os command injection. The attack may be initiated remotely. The exploit has been released to the public and may be used for attacks.

CVE-2026-5678 [MEDIUM] CWE-77 CVE-2026-5678: A weakness has been identified in Totolink A7100RU 7.4cu.2313_b20191024. The affected element is the A weakness has been identified in Totolink A7100RU 7.4cu.2313_b20191024. The affected element is the function setScheduleCfg of the file /cgi-bin/cstecgi.cgi. Executing a manipulation of the argument mode can lead to os command injection. The attack may be launched remotely. The exploit has been made available to the public and could be used for attack

CVE-2026-5689 [MEDIUM] CWE-77 CVE-2026-5689: A vulnerability was detected in Totolink A7100RU 7.4cu.2313_b20191024. The affected element is the f A vulnerability was detected in Totolink A7100RU 7.4cu.2313_b20191024. The affected element is the function setNtpCfg of the file /cgi-bin/cstecgi.cgi. Performing a manipulation of the argument tz results in os command injection. Remote exploitation of the attack is possible. The exploit is now public and may be used.

CVE-2026-5691 [MEDIUM] CWE-77 CVE-2026-5691: A vulnerability has been found in Totolink A7100RU 7.4cu.2313_b20191024. This affects the function s A vulnerability has been found in Totolink A7100RU 7.4cu.2313_b20191024. This affects the function setFirewallType of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument firewallType leads to os command injection. The attack is possible to be carried out remotely. The exploit has been disclosed to the public and may be used.

CVE-2026-5690 [MEDIUM] CWE-77 CVE-2026-5690: A flaw has been found in Totolink A7100RU 7.4cu.2313_b20191024. The impacted element is the function A flaw has been found in Totolink A7100RU 7.4cu.2313_b20191024. The impacted element is the function setRemoteCfg of the file /cgi-bin/cstecgi.cgi. Executing a manipulation of the argument enable can lead to os command injection. The attack can be executed remotely. The exploit has been published and may be used.