CVE-2026-7244 | Totolink A8000RU 7.1cu.643_b20200521 CGI /cgi-bin/cstecgi.cgi setWiFiEasyGuestCfg merge os command injection

Inserito da Angelo Barbosa | Apr 27, 2026 | CVE

A vulnerability categorized as critical has been discovered in Totolink A8000RU 7.1cu.643_b20200521. The impacted element is the function setWiFiEasyGuestCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument merge results in os command injection.

This vulnerability is known as CVE-2026-7244. It is possible to launch the attack remotely. Furthermore, an exploit is available.

CVE-2026-7244 | Totolink A8000RU 7.1cu.643_b20200521 CGI /cgi-bin/cstecgi.cgi setWiFiEasyGuestCfg merge os command injection

Post correlati

CVE-2024-7713 | AYS AI ChatBot with ChatGPT and Content Generator Plugin Open AI API Key information disclosure

CVE-2024-39546 | Juniper Networks Junos OS Evolved prior 23.2R2-EVO Socket Intercept Command File Interface authorization (JSA83008)

CVE-2026-28417 | vim up to 9.2.0072 URL cross site scripting (GHSA-m3xh-9434-g336)

CVE-2025-58281 | Huawei HarmonyOS 5.0.1/5.1.0 Runtime Interpreter out-of-bounds