Platform: linux
Component: totolink-a7100ru
Fixed in: 7.4.1
CVE-2026-5677 describes a Command Injection vulnerability discovered in the Totolink A7100RU router. This flaw allows attackers to remotely execute arbitrary operating system commands, potentially granting them complete control over the device. The vulnerability affects routers running versions 7.4cu.2313b20191024–7.4cu.2313b20191024, and a public exploit is already available.
The impact of CVE-2026-5677 is significant due to the remote nature of the exploit and the potential for complete system takeover. An attacker could leverage this vulnerability to modify router configurations, intercept network traffic, install malware, or use the compromised router as a pivot point to attack other devices on the network. Successful exploitation could lead to data breaches, denial of service, and further compromise of the internal network. The availability of a public exploit significantly increases the risk of widespread exploitation.
CVE-2026-5677 is actively being exploited due to the public availability of a proof-of-concept. The vulnerability has been added to the CISA KEV catalog, indicating a high probability of exploitation. Attackers are likely to scan for vulnerable routers and attempt to exploit this vulnerability to gain unauthorized access to networks.
Exploit Status
EPSS: 4.86% (90th percentile)
The primary mitigation for CVE-2026-5677 is to upgrade the Totolink A7100RU router to a patched firmware version as soon as it becomes available. In the absence of a patch, implement strict firewall rules to limit access to the /cgi-bin/cstecgi.cgi endpoint. Consider deploying a Web Application Firewall (WAF) with rules to detect and block command injection attempts targeting the resetFlags parameter. Monitor router logs for suspicious activity, particularly attempts to execute unusual commands. After applying mitigations, verify functionality by attempting to access the affected endpoint and confirming that the request is blocked or sanitized.
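One way to express the WAF and log-monitoring check described above, as an added example that is not part of the original advisory or any vendor code: it flags requests to /cgi-bin/cstecgi.cgi whose resetFlags value contains shell metacharacters, including percent-encoded ones. The request encodings handled (query string, form body, JSON body) and the sample requests are assumptions constructed for illustration.

```python
import json
import re
from urllib.parse import parse_qsl, unquote, urlsplit

ENDPOINT = "/cgi-bin/cstecgi.cgi"   # endpoint named in the advisory
PARAM = "resetFlags"                # parameter named in the advisory
# Characters a POSIX shell treats as separators, substitution or redirection.
SHELL_META = re.compile(r"[;&|`$(){}<>\n\r\\]")


def _decode(value, rounds=3):
    """Percent-decode repeatedly so double-encoded metacharacters are still seen."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def _param_values(url, body):
    """Collect resetFlags values from the query string, a form body or a JSON body."""
    query = parse_qsl(urlsplit(url).query, keep_blank_values=True)
    values = [v for k, v in query if k == PARAM]
    try:
        doc = json.loads(body)
        if isinstance(doc, dict) and PARAM in doc:
            values.append(str(doc[PARAM]))
    except ValueError:  # not JSON (or empty): treat the body as form-encoded
        values += [v for k, v in parse_qsl(body, keep_blank_values=True) if k == PARAM]
    return values


def is_suspicious(url, body=""):
    """True when a request to the endpoint has shell metacharacters in resetFlags."""
    if urlsplit(url).path != ENDPOINT:
        return False
    return any(SHELL_META.search(_decode(v)) for v in _param_values(url, body))


# Constructed sample requests (url, body); not captured traffic.
SAMPLES = [
    ("/cgi-bin/cstecgi.cgi", '{"resetFlags": "1"}'),
    ("/cgi-bin/cstecgi.cgi", '{"resetFlags": "1;id"}'),
    ("/cgi-bin/cstecgi.cgi?resetFlags=1%253Bid", ""),   # double-encoded ';'
    ("/index.html?resetFlags=1;id", ""),                # different endpoint
]

if __name__ == "__main__":
    for url, body in SAMPLES:
        print("ALERT" if is_suspicious(url, body) else "ok   ", url, body)
```

The same predicate can be run over proxy or firewall logs that record request lines and bodies; a hit on this endpoint is worth triaging even when the request was blocked.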
Update the Totolink A7100RU router firmware to a version corrected by the manufacturer. Consult the official Totolink website or contact technical support for the latest firmware version and update instructions. This vulnerability allows operating system command injection, so it is crucial to apply the update to mitigate the risk.
CVE-2026-5677 is a Command Injection vulnerability affecting Totolink A7100RU routers, allowing remote code execution via the resetFlags parameter in /cgi-bin/cstecgi.cgi.
You are affected if your Totolink A7100RU router is running versions 7.4cu.2313b20191024–7.4cu.2313b20191024 and has not been patched.
Upgrade to the latest firmware version as soon as it's available. If a patch isn't available, implement firewall rules and WAF protections to block malicious requests.
Yes, CVE-2026-5677 is actively being exploited due to the public availability of a proof-of-concept and its inclusion in the CISA KEV catalog.
Refer to the Totolink security advisory page for updates and official announcements regarding CVE-2026-5677.