CVE-2026-7243 | Totolink A8000RU 7.1cu.643_b20200521 CGI /cgi-bin/cstecgi.cgi setRadvdCfg maxRtrAdvInterval os command injection

Inserito da Angelo Barbosa | Apr 27, 2026 | CVE

A vulnerability was found in Totolink A8000RU 7.1cu.643_b20200521. It has been rated as critical. The affected element is the function setRadvdCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument maxRtrAdvInterval leads to os command injection.

This vulnerability is traded as CVE-2026-7243. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

CVE-2026-7243 | Totolink A8000RU 7.1cu.643_b20200521 CGI /cgi-bin/cstecgi.cgi setRadvdCfg maxRtrAdvInterval os command injection

Post correlati

CVE-2024-5479 | JEVNET Easy Pixels Plugin up to 2.13 on WordPress cross site scripting

CVE-2023-43487 | Intel CST prior 2.1.10300 access control (intel-sa-01021)

CVE-2025-62330 | HCL DevOps Deploy cleartext transmission (KB0127333)

CVE-2025-6520 | Abis BAPSIS prior 202510271606 sql injection