CVE-2026-7721 | Totolink WA300 5.2cu.7112_B20190227 /cgi-bin/cstecgi.cgi NTPSyncWithHost hostTime command injection

A vulnerability was found in Totolink WA300 5.2cu.7112_B20190227 and classified as critical. This affects the function NTPSyncWithHost of the file /cgi-bin/cstecgi.cgi. Such manipulation of the argument hostTime leads to command injection.

This vulnerability is documented as CVE-2026-7721. The attack can be executed remotely. Additionally, an exploit exists.VulDB Recent EntriesRead More