CVE-2026-7718 | Totolink WA300 5.2cu.7112_B20190227 POST Request /cgi-bin/cstecgi.cgi setWebWlanIdx webWlanIdx command injection

Inserito da Angelo Barbosa | Mag 3, 2026 | CVE

A vulnerability, which was classified as critical, has been found in Totolink WA300 5.2cu.7112_B20190227. Impacted is the function setWebWlanIdx of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument webWlanIdx leads to command injection.

This vulnerability is listed as CVE-2026-7718. The attack may be initiated remotely. In addition, an exploit is available.

CVE-2026-7718 | Totolink WA300 5.2cu.7112_B20190227 POST Request /cgi-bin/cstecgi.cgi setWebWlanIdx webWlanIdx command injection

Post correlati

CVE-2023-39048: Tokudaya.honten Messages information disclosure

CVE-2024-47092 | Checkmk Exchange Plugin up to 5.8.0 deserialization

CVE-2024-42513 | OPC UA .NET Standard Stack prior 1.5.374.158 HTTPS Endpoint improper authentication

CVE-2024-2553 | SourceCodester Product Review Rating System 1.0 Rate Product Your Name/Comment cross site scripting