← Zuruck zu CVEs

CVE-2026-7538

CRITICAL

9.8

Beschreibung

A vulnerability was identified in Totolink A8000RU 7.1cu.643_b20200521. This issue affects the function Vulnerability of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument proto leads to os command injection. The attack may be initiated remotely. The exploit is publicly available and might be used.

CVE Details

CVSS v3.1 Bewertung9.8

SchweregradCRITICAL

CVSS VektorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AngriffsvektorNETWORK

KomplexitatLOW

Erforderliche PrivilegienNONE

BenutzerinteraktionNONE

Veroffentlicht5/1/2026

Zuletzt geandert5/1/2026

Quellenvd

Honeypot-Sichtungen0

Schwachen (CWE)

CWE-77CWE-78

Referenzen

https://github.com/Litengzheng/vuldb_new2/blob/main/A8000RU/vul_329/README.md(cna@vuldb.com)

https://vuldb.com/submit/804321(cna@vuldb.com)

https://vuldb.com/vuln/360354(cna@vuldb.com)

https://vuldb.com/vuln/360354/cti(cna@vuldb.com)

https://www.totolink.net/(cna@vuldb.com)

IOC Korrelationen

Keine Korrelationen erfasst

This product uses data from the NVD API but is not endorsed or certified by the NVD.