CVE-2026-5677 | Totolink A7100RU 7.4cu.2313_b20191024 /cgi-bin/cstecgi.cgi CsteSystem resetFlags os command injection

Inserito da Angelo Barbosa | Apr 6, 2026 | CVE

A vulnerability, which was classified as critical, has been found in Totolink A7100RU 7.4cu.2313_b20191024. Impacted is the function CsteSystem of the file /cgi-bin/cstecgi.cgi. Performing a manipulation of the argument resetFlags results in os command injection.

This vulnerability was named CVE-2026-5677. The attack may be initiated remotely. In addition, an exploit is available.

CVE-2026-5677 | Totolink A7100RU 7.4cu.2313_b20191024 /cgi-bin/cstecgi.cgi CsteSystem resetFlags os command injection

Post correlati

CVE-2024-20718 | Adobe Commerce cross-site request forgery (apsb24-03)

CVE-2024-53841 | Google Android startListeningForDeviceStateChanges permission

CVE-2024-57549 | CMSimple up to 5.16 source code

CVE-2026-23082 | Linux Kernel up to 6.12.67/6.18.7/6.19-rc5/6.19-rc6 gs_usb_receive_bulk_callback memory leak