CVE-2026-5688 | Totolink A7100RU 7.4cu.2313_b20191024 /cgi-bin/cstecgi.cgi setDdnsCfg provider os command injection

Inserito da Angelo Barbosa | Apr 6, 2026 | CVE

A vulnerability described as critical has been identified in Totolink A7100RU 7.4cu.2313_b20191024. Impacted is the function setDdnsCfg of the file /cgi-bin/cstecgi.cgi. Such manipulation of the argument provider leads to os command injection.

This vulnerability is traded as CVE-2026-5688. The attack may be launched remotely. Furthermore, there is an exploit available.

CVE-2026-5688 | Totolink A7100RU 7.4cu.2313_b20191024 /cgi-bin/cstecgi.cgi setDdnsCfg provider os command injection

Post correlati

CVE-2024-23060 | Totolink A3300R 17.0.0cu.557_B20221024 setDmzCfg ip command injection

CVE-2023-52713 | Huawei HarmonyOS/EMUI Window Management Module permission

CVE-2024-11058 | CodeAstro Real Estate Management System up to 1.0 About Us Page /aboutedit.php id sql injection

CVE-2025-51733 | HCL Unica 12.0.0 cross-site request forgery