Gratis scannen
CRITICALCVE-2026-5994CVSS 9.8

Totolink A7100RU CGI cstecgi.cgi setTelnetCfg OS commando injectie

Platform

linux

Component

totolink-a7100ru

Opgelost in

7.4.1

AI Confidence: highNVDEPSS 1.3%Beoordeeld: apr 2026
Bekijk op NVD
Opslaan
Wordt vertaald naar uw taal…

CVE-2026-5994 represents a critical Command Injection vulnerability identified in the Totolink A7100RU router. This flaw allows attackers to inject and execute arbitrary operating system commands, potentially granting them unauthorized access and control over the device. The vulnerability specifically affects firmware version 7.4cu.2313_b20191024 and a public exploit is available, increasing the risk of exploitation. A fix is available from Totolink.

Impact en Aanvalsscenarioswordt vertaald…

A critical vulnerability has been discovered in the Totolink A7100RU router, version 7.4cu.2313b20191024 (CVE-2026-5994). This vulnerability, rated with a CVSS score of 9.8, allows for operating system command injection through manipulation of the 'telnetenabled' argument within the file /cgi-bin/cstecgi.cgi. The affected component is the CGI Handler. The severity of this vulnerability lies in its remote exploitability, meaning an attacker from anywhere on the network can potentially execute arbitrary commands on the router. The public release of the exploit further exacerbates the situation, increasing the risk of active attacks. This could result in complete device control, theft of sensitive information, or the router being used as a springboard to attack other systems on the network.

Uitbuitingscontextwordt vertaald…

The vulnerability resides in the file /cgi-bin/cstecgi.cgi, specifically within the setTelnetCfg function. An attacker can inject operating system commands by manipulating the 'telnet_enabled' parameter in an HTTP request. Due to inadequate input validation, these commands will be executed with the privileges of the CGI Handler process, which generally has access to sensitive system functions. The public availability of the exploit facilitates the exploitation of this vulnerability, allowing attackers with limited technical expertise to compromise the router. The fact that exploitation is remote makes it particularly dangerous, as it does not require physical access to the device.

Dreigingsinformatie

Exploit Status

Proof of ConceptOnbekend
CISA KEVNO
InternetblootstellingHoog
Rapporten4 dreigingsrapporten

EPSS

1.25% (79% percentiel)

CISA SSVC

Exploitatiepoc
Automatiseerbaaryes
Technische Impacttotal

CVSS-vector

DREIGINGSINFORMATIE· CVSS 3.1CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R9.8CRITICALAttack VectorNetworkHoe de aanvaller het doel bereiktAttack ComplexityLowVereiste omstandigheden om te exploiterenPrivileges RequiredNoneVereist authenticatieniveau voor aanvalUser InteractionNoneOf het slachtoffer actie moet ondernemenScopeUnchangedImpact buiten het getroffen onderdeelConfidentialityHighRisico op blootstelling van gevoelige dataIntegrityHighRisico op ongeautoriseerde gegevenswijzigingAvailabilityHighRisico op verstoring van dienstennextguardhq.com · CVSS v3.1 Basisscore
Wat betekenen deze metrics?
Attack Vector
Netwerk — op afstand uitbuitbaar via internet. Geen fysieke of lokale toegang vereist.
Attack Complexity
Laag — geen speciale voorwaarden vereist. Betrouwbaar uitbuitbaar.
Privileges Required
Geen — geen authenticatie vereist om te exploiteren.
User Interaction
Geen — automatische en stille aanval. Slachtoffer doet niets.
Scope
Ongewijzigd — impact beperkt tot het kwetsbare component.
Confidentiality
Hoog — volledig verlies van vertrouwelijkheid. Aanvaller kan alle gegevens lezen.
Integrity
Hoog — aanvaller kan alle gegevens schrijven, aanpassen of verwijderen.
Availability
Hoog — volledige crash of uitputting van resources. Totale denial of service.

Getroffen Software

Componenttotolink-a7100ru
LeverancierTotolink
Getroffen bereikOpgelost in
7.4cu.2313_b20191024 – 7.4cu.2313_b201910247.4.1

Zwakheidsclassificatie (CWE)

CWE-78CWE-77

Tijdlijn

  1. Gereserveerd
  2. Gepubliceerd
  3. EPSS bijgewerkt
Geen patch — 44 dagen na openbaarmaking

Mitigatie en Workaroundswordt vertaald…

Currently, there is no official fix provided by Totolink for this vulnerability. The most effective mitigation is to disable the Telnet service on the router immediately. While it doesn't address the underlying vulnerability, it significantly reduces the attack surface. It is strongly recommended to monitor the network for suspicious activity. Additionally, users should consider replacing the router with a model that receives regular security updates. Keeping the router's firmware updated, although it doesn't resolve this specific issue, is a general security best practice. Contacting Totolink to inquire about potential future updates is also advised.

Hoe te verhelpenwordt vertaald…

Actualice el firmware del dispositivo Totolink A7100RU a una versión corregida por el fabricante. Consulte el sitio web oficial de Totolink para obtener la última versión del firmware y las instrucciones de actualización.

CVE Beveiligingsnieuwsbrief

Kwetsbaarheidsanalyses en kritieke waarschuwingen direct in uw inbox.

Veelgestelde vragenwordt vertaald…

What is CVE-2026-5994 — Command Injection in Totolink A7100RU?

It's a unique identifier for a specific security vulnerability in the Totolink A7100RU router.

Am I affected by CVE-2026-5994 in Totolink A7100RU?

It allows for remote operating system command injection, potentially giving an attacker complete control of the router.

How do I fix CVE-2026-5994 in Totolink A7100RU?

Disable the Telnet service immediately and monitor your network for suspicious activity. Consider replacing the router.

Is CVE-2026-5994 being actively exploited?

Currently, there is no official fix available.

Where can I find the official Totolink A7100RU advisory for CVE-2026-5994?

Disable Telnet, keep your firmware updated (although it doesn't resolve this specific issue) and consider a router with regular security updates.

Is jouw project getroffen?

Upload je dependency-bestand en kom direct te weten of deze en andere CVEs jou raken.

Gratis scannenCVEs zoeken