Platform
linux
Component
totolink-a7100ru
Fixed in
7.4.1
A critical Command Injection vulnerability (CVE-2026-5993) has been identified in the Totolink A7100RU router. This flaw allows remote attackers to execute arbitrary operating system commands, potentially gaining full control of the device. The vulnerability impacts firmware versions 7.4cu.2313_b20191024 and a public exploit is already available, increasing the risk of immediate exploitation.
The impact of this vulnerability is severe. Successful exploitation allows an attacker to execute arbitrary commands on the router with the privileges of the CGI Handler process. This could lead to complete system compromise, including data theft, configuration modification, and the use of the router as a pivot point for attacks against internal network resources. Given the publicly available exploit, the risk of widespread exploitation is high. The router's role as a network gateway makes it a prime target for attackers seeking to gain access to the internal network.
CVE-2026-5993 is a high-priority vulnerability due to its CRITICAL CVSS score and the availability of a public exploit. The exploit's public nature significantly increases the likelihood of exploitation. No KEV listing or confirmed exploitation campaigns are currently known as of the publication date, but the ease of exploitation suggests active scanning and potential attacks are probable. The vulnerability was publicly disclosed on 2026-04-10.
Exploit Status
EPSS
1.25% (79% percentile)
CISA SSVC
CVSS Vector
The primary mitigation is to upgrade the Totolink A7100RU firmware to a patched version. Unfortunately, a fixed version is not specified in the provided data. Until a patch is available, consider implementing temporary workarounds such as restricting access to the /cgi-bin/cstecgi.cgi endpoint via a firewall or WAF. Monitor router logs for suspicious activity, particularly attempts to access the vulnerable endpoint with unusual parameters. Implement strict input validation on any user-supplied data used in system commands.
Update the firmware of the Totolink A7100RU device to a version corrected by the manufacturer. Refer to the official Totolink website for the latest firmware version and update instructions.
Vulnerability analysis and critical alerts directly to your inbox.
CVE-2026-5993 is a critical vulnerability allowing remote command execution on the Totolink A7100RU router via manipulation of the wifiOff parameter in /cgi-bin/cstecgi.cgi. A public exploit is available.
You are affected if your Totolink A7100RU router is running firmware version 7.4cu.2313_b20191024 and has not been upgraded to a patched version. Check your firmware version immediately.
The recommended fix is to upgrade to a patched firmware version. Unfortunately, a fixed version is not specified. Until a patch is available, consider firewall restrictions and log monitoring as temporary mitigations.
While no confirmed exploitation campaigns are currently known, the availability of a public exploit suggests active scanning and potential attacks are probable. The risk is considered high.
Refer to the Totolink website or security announcements for the latest advisory regarding CVE-2026-5993 and available firmware updates.
Upload your dependency file and we'll tell you instantly if this and other CVEs hit you.