CVE-2026-5853 | Totolink A7100RU 7.4cu.2313_b20191024 CGI /cgi-bin/cstecgi.cgi setIpv6LanCfg addrPrefixLen os command injection

Inserito da Angelo Barbosa | Apr 8, 2026 | CVE

A vulnerability categorized as critical has been discovered in Totolink A7100RU 7.4cu.2313_b20191024. Affected by this vulnerability is the function setIpv6LanCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument addrPrefixLen leads to os command injection.

This vulnerability is listed as CVE-2026-5853. The attack may be performed from remote. In addition, an exploit is available.

CVE-2026-5853 | Totolink A7100RU 7.4cu.2313_b20191024 CGI /cgi-bin/cstecgi.cgi setIpv6LanCfg addrPrefixLen os command injection

Post correlati

CVE-2026-33186 | grpc grpc-go up to 1.79.2 improper authorization

CVE-2025-56406 | mcp-neo4j 0.3.0 SSE Service information disclosure

CVE-2024-0361 | PHPGurukul Hospital Management System 1.0 admin/contact.php mobnum sql injection

CVE-2024-53976 | Mozilla Firefox up to 132 on iOS clickjacking