Vulnerabilities

Report: Complete Guide to CVE-2026-5997 - Totolink A7100RU CGI cstecgi.cgi setLoginPasswordCfg os command injection

2026-04-10 0 views admin

CVE ID :CVE-2026-5997 Published : April 10, 2026, 2:16 a.m. | 58 minutes ago Description :A vulnerability was detected in Totolink A7100RU 7.4cu.2313_b20191024. The impacted element is the function setLoginPasswordCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument admpass results in os command injection. It is possible to launch the attack remotely. The exploit is now public and may be used. Severity: 10.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE Details

CVE ID

CVE-2026-5997

Severity

HIGH

Published

April 10, 2026

Impact: command injection

🏷️ Tags

reportcompleteguidetotolinka7100rucstecgisetloginpasswordcfgcommandinjectioncve

InfinitSec - Latest Cybersecurity, Technology & Gaming News

Report: Complete Guide to CVE-2026-5997 - Totolink A7100RU CGI cstecgi.cgi setLoginPasswordCfg os command injection

CVE Details

🏷️ Tags

More from Vulnerabilities

Report: CVE-2026-5999 - JeecgBoot SysAnnouncementController improper authorization

Report: CVE-2026-6000 - code-projects Online Library Management System SQL Database Backup File library.s

Report: - code-projects Simple IT Discussion Forum user.php cross site scripting CVE-2026-6003

Report: CVE-2026-1924 - Aruba HiSpeed Cache <= 3.0.4 - cross-site request forgery to plugin settings reset

Trending

CVE-2025-61481: Critical Remote Code Execution Vulnerability in MikroTik RouterOS & SwitchOS

CVE-2025-43939: Dell Unity OS Command Injection (High)

Google disputes false claims of massive Gmail data breach

Microsoft: DNS outage impacts Azure and Microsoft 365 services

3.5B Accounts, 1 Critical Flaw: Meta Closes WhatsApp Data-Harvesting