CVE-2026-7154 | Totolink A8000RU 7.1cu.643_b20200521 CGI /cgi-bin/cstecgi.cgi setAdvancedInfoShow tty_server os command injection

A vulnerability categorized as critical has been discovered in Totolink A8000RU 7.1cu.643_b20200521. This affects the function setAdvancedInfoShow of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Executing a manipulation of the argument tty_server can lead to os command injection.

This vulnerability is tracked as CVE-2026-7154. The attack can be launched remotely. Moreover, an exploit is present.VulDB Recent EntriesRead More