CVE-2026-6115 | Totolink A7100RU 7.4cu.2313_b20191024 CGI /cgi-bin/cstecgi.cgi setAppCfg enable os command injection

Inserito da Angelo Barbosa | Apr 11, 2026 | CVE

A vulnerability, which was classified as critical, was found in Totolink A7100RU 7.4cu.2313_b20191024. This affects the function setAppCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Executing a manipulation of the argument enable can lead to os command injection.

The identification of this vulnerability is CVE-2026-6115. The attack may be launched remotely. Furthermore, there is an exploit available.

CVE-2026-6115 | Totolink A7100RU 7.4cu.2313_b20191024 CGI /cgi-bin/cstecgi.cgi setAppCfg enable os command injection

Post correlati

CVE-2023-5757 | WP Crowdfunding Plugin up to 2.1.7 on WordPress Setting cross site scripting

CVE-2024-8788 | EU UK VAT Manager for WooCommerce Plugin up to 2.12.12 on WordPress cross site scripting

CVE-2024-42903 | LimeSurvey up to 6.6.1+240806 Header Host redirect

CVE-2023-51801 | Simple Student Attendance System 1.0 student_form.php id sql injection