{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-6112", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "state": "PUBLISHED", "assignerShortName": "VulDB", "dateReserved": "2026-04-11T08:17:59.227Z", "datePublished": "2026-04-12T02:45:13.694Z", "dateUpdated": "2026-04-15T15:17:02.716Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2026-04-12T02:45:13.694Z"}, "title": "Totolink A7100RU CGI cstecgi.cgi setRadvdCfg os command injection", "problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-78", "lang": "en", "description": "OS Command Injection"}]}, {"descriptions": [{"type": "CWE", "cweId": "CWE-77", "lang": "en", "description": "Command Injection"}]}], "affected": [{"vendor": "Totolink", "product": "A7100RU", "versions": [{"version": "7.4cu.2313_b20191024", "status": "affected"}], "cpes": ["cpe:2.3:o:totolink:a7100ru_firmware:*:*:*:*:*:*:*:*"], "modules": ["CGI Handler"]}], "descriptions": [{"lang": "en", "value": "A weakness has been identified in Totolink A7100RU 7.4cu.2313_b20191024. Affected is the function setRadvdCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. This manipulation of the argument maxRtrAdvInterval causes os command injection. The attack can be initiated remotely. The exploit has been made available to the public and could be used for attacks."}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 9.3, "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P", "baseSeverity": "CRITICAL"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R", "baseSeverity": "CRITICAL"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R", "baseSeverity": "CRITICAL"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 10, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C/E:POC/RL:ND/RC:UR"}}], "timeline": [{"time": "2026-04-11T00:00:00.000Z", "lang": "en", "value": "Advisory disclosed"}, {"time": "2026-04-11T02:00:00.000Z", "lang": "en", "value": "VulDB entry created"}, {"time": "2026-04-11T10:23:19.000Z", "lang": "en", "value": "VulDB entry last update"}], "credits": [{"lang": "en", "value": "LtzHust2 (VulDB User)", "type": "reporter"}], "references": [{"url": "https://vuldb.com/vuln/356972", "name": "VDB-356972 | Totolink A7100RU CGI cstecgi.cgi setRadvdCfg os command injection", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/vuln/356972/cti", "name": "VDB-356972 | CTI Indicators (IOB, IOC, TTP, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/submit/792245", "name": "Submit #792245 | Totolink A7100RU 7.4cu.2313_b20191024 Command Injection", "tags": ["third-party-advisory"]}, {"url": "https://github.com/Litengzheng/vuldb_new/blob/main/A7100RU/vul_177/README.md", "tags": ["exploit"]}, {"url": "https://www.totolink.net/", "tags": ["product"]}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-15T15:16:52.740547Z", "id": "CVE-2026-6112", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-15T15:17:02.716Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-6112", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-04-15T15:16:52.740547Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-15T15:16:58.437Z"}}], "cna": {"title": "Totolink A7100RU CGI cstecgi.cgi setRadvdCfg os command injection", "credits": [{"lang": "en", "type": "reporter", "value": "LtzHust2 (VulDB User)"}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 9.3, "baseSeverity": "CRITICAL", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 10, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C/E:POC/RL:ND/RC:UR"}}], "affected": [{"cpes": ["cpe:2.3:o:totolink:a7100ru_firmware:*:*:*:*:*:*:*:*"], "vendor": "Totolink", "modules": ["CGI Handler"], "product": "A7100RU", "versions": [{"status": "affected", "version": "7.4cu.2313_b20191024"}]}], "timeline": [{"lang": "en", "time": "2026-04-11T00:00:00.000Z", "value": "Advisory disclosed"}, {"lang": "en", "time": "2026-04-11T02:00:00.000Z", "value": "VulDB entry created"}, {"lang": "en", "time": "2026-04-11T10:23:19.000Z", "value": "VulDB entry last update"}], "references": [{"url": "https://vuldb.com/vuln/356972", "name": "VDB-356972 | Totolink A7100RU CGI cstecgi.cgi setRadvdCfg os command injection", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/vuln/356972/cti", "name": "VDB-356972 | CTI Indicators (IOB, IOC, TTP, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/submit/792245", "name": "Submit #792245 | Totolink A7100RU 7.4cu.2313_b20191024 Command Injection", "tags": ["third-party-advisory"]}, {"url": "https://github.com/Litengzheng/vuldb_new/blob/main/A7100RU/vul_177/README.md", "tags": ["exploit"]}, {"url": "https://www.totolink.net/", "tags": ["product"]}], "descriptions": [{"lang": "en", "value": "A weakness has been identified in Totolink A7100RU 7.4cu.2313_b20191024. Affected is the function setRadvdCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. This manipulation of the argument maxRtrAdvInterval causes os command injection. The attack can be initiated remotely. The exploit has been made available to the public and could be used for attacks."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-78", "description": "OS Command Injection"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-77", "description": "Command Injection"}]}], "providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2026-04-12T02:45:13.694Z"}}}, "cveMetadata": {"cveId": "CVE-2026-6112", "state": "PUBLISHED", "dateUpdated": "2026-04-15T15:17:02.716Z", "dateReserved": "2026-04-11T08:17:59.227Z", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "datePublished": "2026-04-12T02:45:13.694Z", "assignerShortName": "VulDB"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A weakness has been identified in Totolink A7100RU 7.4cu.2313_b20191024. Affected is the function setRadvdCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. This manipulation of the argument maxRtrAdvInterval causes os command injection. The attack can be initiated remotely. The exploit has been made available to the public and could be used for attacks."}], "id": "CVE-2026-6112", "lastModified": "2026-04-27T19:05:57.310", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "cna@vuldb.com", "type": "Secondary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "cna@vuldb.com", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 8.9, "baseSeverity": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "PROOF_OF_CONCEPT", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "cna@vuldb.com", "type": "Secondary"}]}, "published": "2026-04-12T04:16:47.133", "references": [{"source": "cna@vuldb.com", "url": "https://github.com/Litengzheng/vuldb_new/blob/main/A7100RU/vul_177/README.md"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/submit/792245"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/vuln/356972"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/vuln/356972/cti"}, {"source": "cna@vuldb.com", "url": "https://www.totolink.net/"}], "sourceIdentifier": "cna@vuldb.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-77"}, {"lang": "en", "value": "CWE-78"}], "source": "cna@vuldb.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "7.4cu.2313_b20191024"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "A7100RU", "source": "cna", "vendor": "Totolink"}, "product": "a7100ru", "vendor": "totolink"}], "analysis": {"en": {"generated_at": "2026-04-12T05:21:10.041365+00:00", "value": {"mitigation_remediation": ["Verify the router firmware version; if it matches 7.4cu.2313_b20191024, update the device to the latest firmware released by Totolink that fixes the command injection flaw. If a patch is not yet available, disable the cstecgi.cgi endpoint or block external access to the port hosting the CGI interface. Monitor the router and network logs for suspicious activity and consider network segmentation to limit exposure."], "summary": {"action": "Patch immediately", "impact": "Remote OS command execution via CGI command injection"}, "threat_synthesis": {"affected_systems": "Totolink A7100RU routers running firmware version 7.4cu.2313_b20191024 are affected. No other versions or products are listed as vulnerable in the available data.", "description_and_impact": "The vulnerability allows an attacker to inject arbitrary operating system commands through the maxRtrAdvInterval parameter of the setRadvdCfg function in the cstecgi.cgi CGI handler. This results in remote OS command execution and full compromise of the affected router, providing attackers with control over the device and any connected networks. The weakness is consistent with common command injection flaws.", "risk_and_exploitability": "The vulnerability scores a CVSS of 9.3, indicating critical severity, and the exploit is publicly available, implying a high likelihood of exploitation. EPSS data is not provided, and the flaw is not yet listed in the CISA KEV catalog. Attackers can initiate the exploit remotely, and successful exploitation leads to complete loss of confidentiality, integrity, and availability of the device."}}}}, "created": "2026-04-13T12:41:41.172403+00:00", "updated": "2026-04-13T12:56:22.971587+00:00", "vendors": ["totolink", "totolink$PRODUCT$a7100ru"]}