Critical severity9.8NVD Advisory· Published Apr 13, 2026· Updated Apr 27, 2026
CVE-2026-6139
CVE-2026-6139
Description
A vulnerability has been found in Totolink A7100RU 7.4cu.2313_b20191024. This affects the function UploadOpenVpnCert of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument FileName leads to os command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1Patches
Vulnerability mechanics
References
5News mentions
0No linked articles in our index yet.