Platform
linux
Component
totolink-a7100ru
Fixed in
7.4.1
CVE-2026-5689 represents a Command Injection vulnerability discovered in the Totolink A7100RU router. This flaw allows an attacker to execute arbitrary operating system commands on the device, potentially leading to complete system compromise. The vulnerability affects versions 7.4cu.2313_b20191024. Due to the public nature of the exploit and lack of a patch, immediate action is recommended.
A command injection vulnerability has been detected in the Totolink A7100RU router, specifically affecting version 7.4cu.2313_b20191024. This vulnerability resides within the setNtpCfg function of the /cgi-bin/cstecgi.cgi file. A remote attacker can exploit this flaw by manipulating the tz argument, allowing them to execute arbitrary operating system commands on the device. The vulnerability is rated as 7.3 on the CVSS scale, indicating a moderately high risk. The public availability of the exploit exacerbates the situation, making it easier for malicious actors to utilize it. The absence of an official fix (fix: none) necessitates proactive preventative measures from users.
CVE-2026-5689 allows for remote code execution on the Totolink A7100RU. An attacker can send a specially crafted HTTP request to /cgi-bin/cstecgi.cgi, manipulating the tz parameter to inject operating system commands. These commands will execute with the privileges of the router's web process, potentially allowing the attacker to gain full control of the device. The public exploit means attackers now have a proven tool to exploit this vulnerability, significantly increasing the risk of targeted attacks. Insufficient authentication within the setNtpCfg function is the root cause of this vulnerability.
Exploit Status
EPSS
4.86% (90% percentile)
CISA SSVC
CVSS Vector
Given the lack of an official patch to address this vulnerability, Totolink A7100RU users running version 7.4cu.2313_b20191024 are strongly advised to take immediate steps to protect their networks. These measures include, but are not limited to, changing the router's default password to a strong, unique password, disabling remote access to the router's administration interface if not required, and monitoring network activity for signs of intrusion. Considering replacing the router with a model offering updated security support is a long-term option. The absence of a patch makes mitigation more complex and reliant on robust security practices.
Actualice el firmware del router Totolink A7100RU a una versión corregida por el fabricante. Consulte el sitio web de Totolink o contacte con el soporte técnico para obtener la última versión disponible. Esta vulnerabilidad permite la ejecución remota de código, por lo que es crucial aplicar la actualización lo antes posible.
Vulnerability analysis and critical alerts directly to your inbox.
It's a unique identifier for this vulnerability, used to track and reference it in security reports.
It's a type of vulnerability that allows an attacker to execute arbitrary commands on the underlying operating system of the device.
Implement the recommended mitigation measures, such as changing the password and disabling remote access. Consider upgrading to a more secure firmware or replacing the router.
Currently, there is no official fix provided by Totolink (fix: none).
KEV refers to 'Knowledge Environment Vulnerability'. In this case, it indicates that there is no specific knowledge environment for this vulnerability.
Upload your dependency file and we'll tell you instantly if this and other CVEs hit you.