CVE-2026-7139 | Totolink A8000RU 7.1cu.643_b20200521 CGI /cgi-bin/cstecgi.cgi setWiFiAclRules mode os command injection

Inserito da Angelo Barbosa | Apr 26, 2026 | CVE

A vulnerability was found in Totolink A8000RU 7.1cu.643_b20200521. It has been rated as critical. This issue affects the function setWiFiAclRules of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. This manipulation of the argument mode causes os command injection.

This vulnerability is tracked as CVE-2026-7139. The attack is possible to be carried out remotely. Moreover, an exploit is present.

CVE-2026-7139 | Totolink A8000RU 7.1cu.643_b20200521 CGI /cgi-bin/cstecgi.cgi setWiFiAclRules mode os command injection

Post correlati

CVE-2025-52469 | Chamilo LMS up to 1.11.29 AJAX Endpoint behavioral workflow

CVE-2025-7163 | PHPGurukul Zoo Management System 2.1 /admin/add-animals.php cnum sql injection

CVE-2026-21914 | Juniper Junos OS up to 25.2R1-S1 on SRX GPRS Tunnelling Protocol locking (JSA106015)

CVE-2024-22445 | Dell PowerProtect Data Manager up to 19.15 os command injection (dsa-2024-061)