A7100RU
by Totolink
CVEs (72)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-5993 | Cri | 0.64 | 9.8 | 0.02 | Apr 10, 2026 | A vulnerability was identified in Totolink A7100RU 7.4cu.2313_b20191024. This vulnerability affects the function setWiFiGuestCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument wifiOff leads to os command injection. The attack can… | ||
| CVE-2026-5978 | Cri | 0.64 | 9.8 | 0.02 | Apr 9, 2026 | A security vulnerability has been detected in Totolink A7100RU 7.4cu.2313_b20191024. Affected is the function setWiFiAclRules of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument mode leads to os command injection. The attack can be… | ||
| CVE-2026-5977 | Cri | 0.64 | 9.8 | 0.02 | Apr 9, 2026 | A weakness has been identified in Totolink A7100RU 7.4cu.2313_b20191024. This impacts the function setWiFiBasicCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Executing a manipulation of the argument wifiOff can lead to os command injection. It is possible to… | ||
| CVE-2026-5976 | Cri | 0.64 | 9.8 | 0.02 | Apr 9, 2026 | A security flaw has been discovered in Totolink A7100RU 7.4cu.2313_b20191024. This affects the function setStorageCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Performing a manipulation of the argument sambaEnabled results in os command injection. It is… | ||
| CVE-2026-5975 | Cri | 0.64 | 9.8 | 0.02 | Apr 9, 2026 | A vulnerability was identified in Totolink A7100RU 7.4cu.2313_b20191024. The impacted element is the function setDmzCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument wanIdx leads to os command injection. The attack may be… | ||
| CVE-2026-5854 | Cri | 0.64 | 9.8 | 0.18 | Apr 9, 2026 | A vulnerability was detected in Totolink A7100RU 7.4cu.2313_b20191024. Affected by this issue is the function setWiFiEasyCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Performing a manipulation of the argument merge results in os command injection. It is… | ||
| CVE-2026-5852 | Cri | 0.64 | 9.8 | 0.14 | Apr 9, 2026 | A weakness has been identified in Totolink A7100RU 7.4cu.2313_b20191024. Affected is the function setIptvCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. This manipulation of the argument igmpVer causes os command injection. The attack is possible to be carried… | ||
| CVE-2026-5851 | Cri | 0.64 | 9.8 | 0.14 | Apr 9, 2026 | A security flaw has been discovered in Totolink A7100RU 7.4cu.2313_b20191024. This impacts the function setUPnPCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument enable results in os command injection. The attack can be executed… | ||
| CVE-2026-5850 | Cri | 0.64 | 9.8 | 0.16 | Apr 9, 2026 | A vulnerability was identified in Totolink A7100RU 7.4cu.2313_b20191024. This affects the function setVpnPassCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument pptpPassThru leads to os command injection. Remote exploitation of the… | ||
| CVE-2023-6906 | Cri | 0.64 | 9.8 | 0.02 | Dec 18, 2023 | A vulnerability, which was classified as critical, was found in Totolink A7100RU 7.4cu.2313_B20191024. Affected is the function main of the file /cgi-bin/cstecgi.cgi?action=login of the component HTTP POST Request Handler. The manipulation of the argument flag with the input ie8… | ||
| CVE-2023-33556 | Cri | 0.64 | 9.8 | 0.02 | Jun 7, 2023 | TOTOLink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the staticGw parameter at /setting/setWanIeCfg. | ||
| CVE-2023-30054 | Cri | 0.64 | 9.8 | 0.02 | May 5, 2023 | TOTOLINK A7100RU V7.4cu.2313_B20191024 has a Command Injection vulnerability. An attacker can obtain a stable root shell through a specially constructed payload. | ||
| CVE-2023-30053 | Cri | 0.64 | 9.8 | 0.02 | May 5, 2023 | TOTOLINK A7100RU V7.4cu.2313_B20191024 is vulnerable to Command Injection. | ||
| CVE-2023-26978 | Cri | 0.64 | 9.8 | 0.02 | Apr 7, 2023 | TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the pppoeAcName parameter at /setting/setWanIeCfg. | ||
| CVE-2023-26848 | Cri | 0.64 | 9.8 | 0.02 | Apr 7, 2023 | TOTOlink A7100RU(V7.4cu.2313_B20191024) was discovered to contain a command injection vulnerability via the org parameter at setting/delStaticDhcpRules. | ||
| CVE-2023-27232 | Cri | 0.64 | 9.8 | 0.02 | Mar 28, 2023 | TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the wanStrategy parameter at /setting/setWanIeCfg. | ||
| CVE-2023-27231 | Cri | 0.64 | 9.8 | 0.02 | Mar 28, 2023 | TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the downBw parameter at /setting/setWanIeCfg. | ||
| CVE-2023-27229 | Cri | 0.64 | 9.8 | 0.02 | Mar 28, 2023 | TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the upBw parameter at /setting/setWanIeCfg. | ||
| CVE-2023-27135 | Cri | 0.64 | 9.8 | 0.02 | Mar 23, 2023 | TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the enabled parameter at /setting/setWanIeCfg. | ||
| CVE-2023-25395 | Cri | 0.64 | 9.8 | 0.02 | Mar 8, 2023 | TOTOlink A7100RU V7.4cu.2313_B20191024 router was discovered to contain a command injection vulnerability via the ou parameter at /setting/delStaticDhcpRules. |
- risk 0.64cvss 9.8epss 0.02
A vulnerability was identified in Totolink A7100RU 7.4cu.2313_b20191024. This vulnerability affects the function setWiFiGuestCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument wifiOff leads to os command injection. The attack can…
- risk 0.64cvss 9.8epss 0.02
A security vulnerability has been detected in Totolink A7100RU 7.4cu.2313_b20191024. Affected is the function setWiFiAclRules of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument mode leads to os command injection. The attack can be…
- risk 0.64cvss 9.8epss 0.02
A weakness has been identified in Totolink A7100RU 7.4cu.2313_b20191024. This impacts the function setWiFiBasicCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Executing a manipulation of the argument wifiOff can lead to os command injection. It is possible to…
- risk 0.64cvss 9.8epss 0.02
A security flaw has been discovered in Totolink A7100RU 7.4cu.2313_b20191024. This affects the function setStorageCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Performing a manipulation of the argument sambaEnabled results in os command injection. It is…
- risk 0.64cvss 9.8epss 0.02
A vulnerability was identified in Totolink A7100RU 7.4cu.2313_b20191024. The impacted element is the function setDmzCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument wanIdx leads to os command injection. The attack may be…
- risk 0.64cvss 9.8epss 0.18
A vulnerability was detected in Totolink A7100RU 7.4cu.2313_b20191024. Affected by this issue is the function setWiFiEasyCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Performing a manipulation of the argument merge results in os command injection. It is…
- risk 0.64cvss 9.8epss 0.14
A weakness has been identified in Totolink A7100RU 7.4cu.2313_b20191024. Affected is the function setIptvCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. This manipulation of the argument igmpVer causes os command injection. The attack is possible to be carried…
- risk 0.64cvss 9.8epss 0.14
A security flaw has been discovered in Totolink A7100RU 7.4cu.2313_b20191024. This impacts the function setUPnPCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument enable results in os command injection. The attack can be executed…
- risk 0.64cvss 9.8epss 0.16
A vulnerability was identified in Totolink A7100RU 7.4cu.2313_b20191024. This affects the function setVpnPassCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument pptpPassThru leads to os command injection. Remote exploitation of the…
- risk 0.64cvss 9.8epss 0.02
A vulnerability, which was classified as critical, was found in Totolink A7100RU 7.4cu.2313_B20191024. Affected is the function main of the file /cgi-bin/cstecgi.cgi?action=login of the component HTTP POST Request Handler. The manipulation of the argument flag with the input ie8…
- risk 0.64cvss 9.8epss 0.02
TOTOLink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the staticGw parameter at /setting/setWanIeCfg.
- risk 0.64cvss 9.8epss 0.02
TOTOLINK A7100RU V7.4cu.2313_B20191024 has a Command Injection vulnerability. An attacker can obtain a stable root shell through a specially constructed payload.
- risk 0.64cvss 9.8epss 0.02
TOTOLINK A7100RU V7.4cu.2313_B20191024 is vulnerable to Command Injection.
- risk 0.64cvss 9.8epss 0.02
TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the pppoeAcName parameter at /setting/setWanIeCfg.
- risk 0.64cvss 9.8epss 0.02
TOTOlink A7100RU(V7.4cu.2313_B20191024) was discovered to contain a command injection vulnerability via the org parameter at setting/delStaticDhcpRules.
- risk 0.64cvss 9.8epss 0.02
TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the wanStrategy parameter at /setting/setWanIeCfg.
- risk 0.64cvss 9.8epss 0.02
TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the downBw parameter at /setting/setWanIeCfg.
- risk 0.64cvss 9.8epss 0.02
TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the upBw parameter at /setting/setWanIeCfg.
- risk 0.64cvss 9.8epss 0.02
TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the enabled parameter at /setting/setWanIeCfg.
- risk 0.64cvss 9.8epss 0.02
TOTOlink A7100RU V7.4cu.2313_B20191024 router was discovered to contain a command injection vulnerability via the ou parameter at /setting/delStaticDhcpRules.
Page 2 of 4