CVE-2026-5678 | Totolink A7100RU 7.4cu.2313_b20191024 /cgi-bin/cstecgi.cgi setScheduleCfg mode os command injection

Inserito da Angelo Barbosa | Apr 6, 2026 | CVE

A vulnerability, which was classified as critical, was found in Totolink A7100RU 7.4cu.2313_b20191024. The affected element is the function setScheduleCfg of the file /cgi-bin/cstecgi.cgi. Executing a manipulation of the argument mode can lead to os command injection.

The identification of this vulnerability is CVE-2026-5678. The attack may be launched remotely. Furthermore, there is an exploit available.

CVE-2026-5678 | Totolink A7100RU 7.4cu.2313_b20191024 /cgi-bin/cstecgi.cgi setScheduleCfg mode os command injection

Post correlati

CVE-2025-4473 | Frontend Dashboard Plugin up to 1.0/1.5.10/2.2.7 on WordPress ajax_request authorization

CVE-2024-0769 | D-Link DIR-859 1.06B01 HTTP POST Request /hedwig.cgi service path traversal

CVE-2024-2939 | Campcodes Online Examination System 1.0 updateExaminee.php id cross site scripting

CVE-2025-27142 | LocalSend up to 1.16.x prepare-upload path traversal (GHSA-f7jp-p6j4-3522)