CVE-2026-5692 | Totolink A7100RU 7.4cu.2313_b20191024 /cgi-bin/cstecgi.cgi setGameSpeedCfg enable os command injection

Inserito da Angelo Barbosa | Apr 6, 2026 | CVE

A vulnerability, which was classified as critical, was found in Totolink A7100RU 7.4cu.2313_b20191024. This impacts the function setGameSpeedCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument enable results in os command injection.

This vulnerability was named CVE-2026-5692. The attack may be performed from remote. In addition, an exploit is available.

CVE-2026-5692 | Totolink A7100RU 7.4cu.2313_b20191024 /cgi-bin/cstecgi.cgi setGameSpeedCfg enable os command injection

Post correlati

CVE-2023-6496 | Manage Notification E-mails Plugin up to 1.8.5 on WordPress authorization

CVE-2024-47325 | Themeisle Multiple Page Generator Plugin up to 3.4.7 on WordPress sql injection

CVE-2024-47965 | Delta Electronics CNCSoft-G2 2.1.0.10 out-of-bounds (icsa-24-284-21)

CVE-2024-10625 | vanquish WooCommerce Support Ticket System Plugin up to 17.6 on WordPress wp-config.php delete_tmp_uploaded_file path traversal