VYPR

A7100RU

by Totolink

CVEs (72)

  • CVE-2026-5993CriApr 10, 2026
    risk 0.64cvss 9.8epss 0.02

    A vulnerability was identified in Totolink A7100RU 7.4cu.2313_b20191024. This vulnerability affects the function setWiFiGuestCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument wifiOff leads to os command injection. The attack can…

  • CVE-2026-5978CriApr 9, 2026
    risk 0.64cvss 9.8epss 0.02

    A security vulnerability has been detected in Totolink A7100RU 7.4cu.2313_b20191024. Affected is the function setWiFiAclRules of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument mode leads to os command injection. The attack can be…

  • CVE-2026-5977CriApr 9, 2026
    risk 0.64cvss 9.8epss 0.02

    A weakness has been identified in Totolink A7100RU 7.4cu.2313_b20191024. This impacts the function setWiFiBasicCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Executing a manipulation of the argument wifiOff can lead to os command injection. It is possible to…

  • CVE-2026-5976CriApr 9, 2026
    risk 0.64cvss 9.8epss 0.02

    A security flaw has been discovered in Totolink A7100RU 7.4cu.2313_b20191024. This affects the function setStorageCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Performing a manipulation of the argument sambaEnabled results in os command injection. It is…

  • CVE-2026-5975CriApr 9, 2026
    risk 0.64cvss 9.8epss 0.02

    A vulnerability was identified in Totolink A7100RU 7.4cu.2313_b20191024. The impacted element is the function setDmzCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument wanIdx leads to os command injection. The attack may be…

  • CVE-2026-5854CriApr 9, 2026
    risk 0.64cvss 9.8epss 0.18

    A vulnerability was detected in Totolink A7100RU 7.4cu.2313_b20191024. Affected by this issue is the function setWiFiEasyCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Performing a manipulation of the argument merge results in os command injection. It is…

  • CVE-2026-5852CriApr 9, 2026
    risk 0.64cvss 9.8epss 0.14

    A weakness has been identified in Totolink A7100RU 7.4cu.2313_b20191024. Affected is the function setIptvCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. This manipulation of the argument igmpVer causes os command injection. The attack is possible to be carried…

  • CVE-2026-5851CriApr 9, 2026
    risk 0.64cvss 9.8epss 0.14

    A security flaw has been discovered in Totolink A7100RU 7.4cu.2313_b20191024. This impacts the function setUPnPCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument enable results in os command injection. The attack can be executed…

  • CVE-2026-5850CriApr 9, 2026
    risk 0.64cvss 9.8epss 0.16

    A vulnerability was identified in Totolink A7100RU 7.4cu.2313_b20191024. This affects the function setVpnPassCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument pptpPassThru leads to os command injection. Remote exploitation of the…

  • CVE-2023-6906CriDec 18, 2023
    risk 0.64cvss 9.8epss 0.02

    A vulnerability, which was classified as critical, was found in Totolink A7100RU 7.4cu.2313_B20191024. Affected is the function main of the file /cgi-bin/cstecgi.cgi?action=login of the component HTTP POST Request Handler. The manipulation of the argument flag with the input ie8…

  • CVE-2023-33556CriJun 7, 2023
    risk 0.64cvss 9.8epss 0.02

    TOTOLink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the staticGw parameter at /setting/setWanIeCfg.

  • CVE-2023-30054CriMay 5, 2023
    risk 0.64cvss 9.8epss 0.02

    TOTOLINK A7100RU V7.4cu.2313_B20191024 has a Command Injection vulnerability. An attacker can obtain a stable root shell through a specially constructed payload.

  • CVE-2023-30053CriMay 5, 2023
    risk 0.64cvss 9.8epss 0.02

    TOTOLINK A7100RU V7.4cu.2313_B20191024 is vulnerable to Command Injection.

  • CVE-2023-26978CriApr 7, 2023
    risk 0.64cvss 9.8epss 0.02

    TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the pppoeAcName parameter at /setting/setWanIeCfg.

  • CVE-2023-26848CriApr 7, 2023
    risk 0.64cvss 9.8epss 0.02

    TOTOlink A7100RU(V7.4cu.2313_B20191024) was discovered to contain a command injection vulnerability via the org parameter at setting/delStaticDhcpRules.

  • CVE-2023-27232CriMar 28, 2023
    risk 0.64cvss 9.8epss 0.02

    TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the wanStrategy parameter at /setting/setWanIeCfg.

  • CVE-2023-27231CriMar 28, 2023
    risk 0.64cvss 9.8epss 0.02

    TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the downBw parameter at /setting/setWanIeCfg.

  • CVE-2023-27229CriMar 28, 2023
    risk 0.64cvss 9.8epss 0.02

    TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the upBw parameter at /setting/setWanIeCfg.

  • CVE-2023-27135CriMar 23, 2023
    risk 0.64cvss 9.8epss 0.02

    TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the enabled parameter at /setting/setWanIeCfg.

  • CVE-2023-25395CriMar 8, 2023
    risk 0.64cvss 9.8epss 0.02

    TOTOlink A7100RU V7.4cu.2313_B20191024 router was discovered to contain a command injection vulnerability via the ou parameter at /setting/delStaticDhcpRules.