Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
8.9
Totolink A7100RU Router Telnet Configuration Can Be Hacked Remotely
CVE-2026-5994
Summary
A security issue in the Totolink A7100RU router's configuration tool allows hackers to remotely access and control the device. This means that an attacker can potentially take control of your router and use it to access your network. To protect your network, we recommend updating your router's software to the latest version.
Original title
A security flaw has been discovered in Totolink A7100RU 7.4cu.2313_b20191024. This issue affects the function setTelnetCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Performing ...
Original description
A security flaw has been discovered in Totolink A7100RU 7.4cu.2313_b20191024. This issue affects the function setTelnetCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Performing a manipulation of the argument telnet_enabled results in os command injection. The attack is possible to be carried out remotely. The exploit has been released to the public and may be used for attacks.
nvd CVSS2.0
10.0
nvd CVSS3.1
9.8
nvd CVSS4.0
8.9
Vulnerability type
CWE-77
Command Injection
CWE-78
OS Command Injection
Published: 10 Apr 2026 · Updated: 10 Apr 2026 · First seen: 10 Apr 2026