ReportizFlow
Filtered by vendor Totolink
Subscriptions
Filtered by product A8000ru
Subscriptions
Total
8 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-7152 | 1 Totolink | 2 A8000ru, A8000ru Firmware | 2026-04-28 | 9.8 Critical |
| A vulnerability was identified in Totolink A8000RU 7.1cu.643_b20200521. The affected element is the function setTelnetCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument telnet_enabled leads to os command injection. It is possible to launch the attack remotely. The exploit is publicly available and might be used. | ||||
| CVE-2026-7153 | 1 Totolink | 2 A8000ru, A8000ru Firmware | 2026-04-28 | 9.8 Critical |
| A security flaw has been discovered in Totolink A8000RU 7.1cu.643_b20200521. The impacted element is the function setMiniuiHomeInfoShow of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Performing a manipulation of the argument sys_info results in os command injection. The attack can be initiated remotely. The exploit has been released to the public and may be used for attacks. | ||||
| CVE-2026-7154 | 1 Totolink | 2 A8000ru, A8000ru Firmware | 2026-04-28 | 9.8 Critical |
| A weakness has been identified in Totolink A8000RU 7.1cu.643_b20200521. This affects the function setAdvancedInfoShow of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Executing a manipulation of the argument tty_server can lead to os command injection. The attack can be launched remotely. The exploit has been made available to the public and could be used for attacks. | ||||
| CVE-2026-7155 | 1 Totolink | 2 A8000ru, A8000ru Firmware | 2026-04-28 | 9.8 Critical |
| A security vulnerability has been detected in Totolink A8000RU 7.1cu.643_b20200521. This impacts the function setLoginPasswordCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument admpass leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed publicly and may be used. | ||||
| CVE-2026-7156 | 1 Totolink | 2 A8000ru, A8000ru Firmware | 2026-04-28 | 9.8 Critical |
| A vulnerability was detected in Totolink A8000RU 7.1cu.643_b20200521. Affected is the function CsteSystem of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument HTTP results in os command injection. The attack may be launched remotely. The exploit is now public and may be used. | ||||
| CVE-2026-7037 | 1 Totolink | 2 A8000ru, A8000ru Firmware | 2026-04-27 | 9.8 Critical |
| A security flaw has been discovered in Totolink A8000RU 7.1cu.643_b20200521. This issue affects the function setVpnPassCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument pptpPassThru results in os command injection. The attack can be executed remotely. The exploit has been released to the public and may be used for attacks. | ||||
| CVE-2024-24324 | 1 Totolink | 2 A8000ru, A8000ru Firmware | 2025-06-20 | 9.8 Critical |
| TOTOLINK A8000RU v7.1cu.643_B20200521 was discovered to contain a hardcoded password for root stored in /etc/shadow. | ||||
| CVE-2024-28338 | 1 Totolink | 2 A8000ru, A8000ru Firmware | 2025-04-03 | 8.0 High |
| A login bypass in TOTOLINK A8000RU V7.1cu.643_B20200521 allows attackers to login to Administrator accounts via providing a crafted session cookie. | ||||
Page 1 of 1.