{“lastseen”:””,”description”:”A vulnerability was identified in Totolink A8000RU 7.1cu.643_b20200521. The affected element is the function setRadvdCfg of the file \/cgi-bin\/cstecgi.cgi of the component CGI Handler. The manipulation of the argument maxRtrAdvInterval leads to os command injection. It is possible to initiate the attack remotely. The exploit is publicly available and might be used.”,”published”:”2026-04-28T08:00:16.213Z”,”modified”:”2026-04-28T08:00:16.213Z”,”type”:”cve”,”title”:”Totolink A8000RU CGI cstecgi.cgi setRadvdCfg os command injection”,”source”:”VulDB”,”references”:”https:\/\/vuldb.com\/vuln\/359850\\nhttps:\/\/vuldb.com\/vuln\/359850\/cti\\nhttps:\/\/vuldb.com\/submit\/803266\\nhttps:\/\/github.com\/Litengzheng\/vuldb_new2\/blob\/main\/A8000RU\/vul_327\/README.md\\nhttps:\/\/www.totolink.net\/”,”id”:”CVE-2026-7243″,”bulletinFamily”:””,”cwe”:[“CWE-78″,”CWE-77″],”cvelist”:null,”sourceData”:”Totolink A8000RU 7.1cu.643_b20200521″,”sourceHref”:””,”cvss”:{“score”:9.3,”severity”:”CRITICAL”,”vector”:”CVSS:4.0\/AV:N\/AC:L\/AT:N\/PR:N\/UI:N\/VC:H\/VI:H\/VA:H\/SC:N\/SI:N\/SA:N\/E:P”,”version”:”4.0″},”cvss2″:{},”cvss3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””,”cvssV3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””}},”href”:””,”category_name”:”CVE”,”post_link”:””,”product”:”A8000RU”,”version”:”7.1cu.643_b20200521″,”vendor”:”Totolink”,”ai_description”:”OS command injection vulnerability in Totolink A8000RU via the setRadvdCfg function in the \/cgi-bin\/cstecgi.cgi file”,”ai_severity”:”Critical”,”ai_vendor”:”Totolink”,”ai_product”:”A8000RU”,”ai_version”:”7.1cu.643_b20200521″,”ai_score”:9.3}<\/p>\n","protected":false},"excerpt":{"rendered":"
{“lastseen”:””,”description”:”A vulnerability was identified in Totolink A8000RU 7.1cu.643_b20200521. The affected element is the function setRadvdCfg of the file \/cgi-bin\/cstecgi.cgi of the component CGI Handler. The…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[9,6,8,55,12,13,7,11,5],"class_list":["post-49890","post","type-post","status-publish","format-standard","hentry","category-category_cve","tag-critical","tag-cve","tag-cvss","tag-cvss-93","tag-exploit","tag-news","tag-security","tag-tapic","tag-vulnerability"],"yoast_head":"\n