CVE-2026-5996

Name of the Vulnerable Software and Affected Versions Totolink A7100RU version 7.4cu.2313 b20191024

Description A security issue exists in the Totolink A7100RU router. The setAdvancedInfoShow function within the CGI Handler component, specifically in the file /cgi-bin/cstecgi.cgi, is susceptible to OS command injection. This occurs through manipulation of the tty server argument. The attack can be initiated remotely. The exploit has been publicly disclosed.

Recommendations For Totolink A7100RU version 7.4cu.2313 b20191024, at the moment, there is no information about a newer version that contains a fix for this vulnerability.