Vulnerabilities

Report: CVE-2026-5976 - Totolink A7100RU CGI cstecgi.cgi setStorageCfg os command injection - Full Analysis

2026-04-09 0 views admin

CVE ID :CVE-2026-5976 Published : April 9, 2026, 8:16 p.m. | 51 minutes ago Description :A security flaw has been discovered in Totolink A7100RU 7.4cu.2313_b20191024. This affects the function setStorageCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Performing a manipulation of the argument sambaEnabled results in os command injection. It is possible to initiate the attack remotely. The exploit has been released to the public and may be used for attacks. Severity: 10.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE Details

CVE ID

CVE-2026-5976

Severity

HIGH

Published

April 9, 2026

Impact: command injection

🏷️ Tags

reporttotolinka7100rucstecgisetstoragecfgcommandinjectionanalysiscvecve-2026-5976

InfinitSec - Latest Cybersecurity, Technology & Gaming News

Report: CVE-2026-5976 - Totolink A7100RU CGI cstecgi.cgi setStorageCfg os command injection - Full Analysis

CVE Details

🏷️ Tags

More from Vulnerabilities

Report: CVE-2026-34734 - HDF5: H5T__conv_struct Use After Free - Analysis

Report: Essential Guide: CVE-2026-34500 - Apache Tomcat: OCSP checks sometimes soft-fail with FFM even when soft-fail is d...

Report: Complete Guide to CVE-2026-34487 - Apache Tomcat: Cloud membership for clustering component exposed the Kubernetes ...

Report: CVE-2026-34486 - Apache Tomcat: Fix for CVE-2026-29146 allowed bypass of EncryptInterceptor

Trending

CVE-2025-61481: Critical Remote Code Execution Vulnerability in MikroTik RouterOS & SwitchOS

CVE-2025-43939: Dell Unity OS Command Injection (High)

Google disputes false claims of massive Gmail data breach

Microsoft: DNS outage impacts Azure and Microsoft 365 services

3.5B Accounts, 1 Critical Flaw: Meta Closes WhatsApp Data-Harvesting