CVE-2026-7720 | Totolink WA300 5.2cu.7112_B20190227 POST Request /cgi-bin/cstecgi.cgi setLanguageCfg langType command injection

Inserito da Angelo Barbosa | Mag 3, 2026 | CVE

A vulnerability has been found in Totolink WA300 5.2cu.7112_B20190227 and classified as critical. The impacted element is the function setLanguageCfg of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. This manipulation of the argument langType causes command injection.

This vulnerability is registered as CVE-2026-7720. Remote exploitation of the attack is possible. Furthermore, an exploit is available.

CVE-2026-7720 | Totolink WA300 5.2cu.7112_B20190227 POST Request /cgi-bin/cstecgi.cgi setLanguageCfg langType command injection

Post correlati

CVE-2023-49716 | Emerson Rosemount GC370XA 4.1.5 command injection (icsa-24-030-01)

CVE-2025-9028 | code-projects Online Medicine Guide 1.0 /adphar.php phuname sql injection

CVE-2024-38080 | Microsoft Windows Hyper-V integer overflow

CVE-2024-23503 | WPManageNinja Ninja Tables Plugin up to 5.0.6 on WordPress authorization