CVE-2026-5690 | Totolink A7100RU 7.4cu.2313_b20191024 /cgi-bin/cstecgi.cgi setRemoteCfg enable os command injection

Inserito da Angelo Barbosa | Apr 6, 2026 | CVE

A vulnerability classified as critical was found in Totolink A7100RU 7.4cu.2313_b20191024. The impacted element is the function setRemoteCfg of the file /cgi-bin/cstecgi.cgi. Executing a manipulation of the argument enable can lead to os command injection.

This vulnerability is handled as CVE-2026-5690. The attack can be executed remotely. Additionally, an exploit exists.

CVE-2026-5690 | Totolink A7100RU 7.4cu.2313_b20191024 /cgi-bin/cstecgi.cgi setRemoteCfg enable os command injection

Post correlati

CVE-2025-20104 | Intel Administrative Tools up to 29.3 race condition (intel-sa-01293)

CVE-2025-1807 | Eastnets PaymentSafe 2.5.26.0 Edit Manual Reply /directRouter.rfc Title cross site scripting

CVE-2025-0753 | Axiomatic Bento4 up to 1.6.0 mp42aac ReadPartial heap-based overflow

CVE-2023-6653 | PHPGurukul Teacher Subject Allocation Management System 1.0 Create a new Subject /admin/subject.php cid cross-site request forgery