CVE-2026-6116 | Totolink A7100RU 7.4cu.2313_b20191024 CGI /cgi-bin/cstecgi.cgi setDiagnosisCfg ip os command injection

Inserito da Angelo Barbosa | Apr 11, 2026 | CVE

A vulnerability has been found in Totolink A7100RU 7.4cu.2313_b20191024 and classified as critical. This vulnerability affects the function setDiagnosisCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument ip leads to os command injection.

This vulnerability is referenced as CVE-2026-6116. Remote exploitation of the attack is possible. Furthermore, an exploit is available.

CVE-2026-6116 | Totolink A7100RU 7.4cu.2313_b20191024 CGI /cgi-bin/cstecgi.cgi setDiagnosisCfg ip os command injection

Post correlati

CVE-2024-30101 | Microsoft unknown vulnerability

CVE-2026-5809 | tomdever wpForo Forum Plugin up to 3.0.2 on WordPress topic_add body file inclusion

CVE-2024-21728 | SmartCalc osTicky up to 2.2.7 on Joomla URL return redirect

CVE-2025-6196 | GNOME libgepub EPUB File Parser integer overflow