CVE-2026-5691 | Totolink A7100RU 7.4cu.2313_b20191024 /cgi-bin/cstecgi.cgi setFirewallType firewallType os command injection

Inserito da Angelo Barbosa | Apr 6, 2026 | CVE

A vulnerability, which was classified as critical, has been found in Totolink A7100RU 7.4cu.2313_b20191024. This affects the function setFirewallType of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument firewallType leads to os command injection.

This vulnerability is uniquely identified as CVE-2026-5691. The attack is possible to be carried out remotely. Moreover, an exploit is present.

CVE-2026-5691 | Totolink A7100RU 7.4cu.2313_b20191024 /cgi-bin/cstecgi.cgi setFirewallType firewallType os command injection

Post correlati

CVE-2024-38477 | Apache HTTP Server up to 2.4.59 mod_proxy denial of service

CVE-2023-6408 | Schneider Electric Modicon M340 CPU improper enforcement of message integrity (SEVD-2024-044-01)

CVE-2025-5531 | Employee Directory Plugin up to 4.5.0 on WordPress Shortcode emd_mb_meta cross site scripting

CVE-2025-10761 | Harness 3.3.0 Login Endpoint /api/v1/login excessive authentication