NVD CRITICAL: CVE-2026-5852 — A weakness has been identified in Totolink A7100RU 7.4cu.2313_b20191024. Affecte...

Thursday, April 9, 2026 at 07:16 AM UTC·Source: NIST NVD

Updated: Thursday, April 9, 2026 at 07:17 AM UTC

Executive Summary

A weakness has been identified in Totolink A7100RU 7.4cu.2313_b20191024. Affected is the function setIptvCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. This manipulation of the argument igmpVer causes os command injection. The attack is possible to be carried out remotely. The exploit has been made available to the public and could be used for attacks.

Analysis

Indicators of Compromise (1)

CVE (1)

CVE-2026-5852

NVD MITRE CVE

Source Attribution

Originally published by NIST NVD on Apr 9, 2026. Verified by: NIST.

Related Threats

MEDIUMVulnerabilityNEW

FOO to provide IT backbone for Ompay digital wallet

FOO, an award-winning B2B fintech solutions provider headquartered in the UAE, has announced its partnership with OMPAY, a subsidiary of Omantel, to power its next-generation digital wallet and support the evolution of digital financial services in Oman.

Just nowFinextra

LOWVulnerabilityNEW

Facephi opens subsidiary in Canada

Facephi (BME Growth: FACE; Euronext Growth Paris: ALPHI), a global leader in digital identity verification and fraud prevention, announces the opening of a new subsidiary in British Columbia (Canada), in line with its strategy focused on sustainable growth and cash flow generation, driven by geographic and sector diversification.

Just nowFinextra

MEDIUMVulnerabilityNEW

Profitus taps Axiology for digital bonds

The crowdfunding platform Profitus is launching digital bonds in collaboration with the EU-licensed distributed ledger technology (DLT) capital markets infrastructure provider Axiology.

Just nowFinextra