NVD CRITICAL: CVE-2026-5854 — A vulnerability was detected in Totolink A7100RU 7.4cu.2313_b20191024. Affected ...

Thursday, April 9, 2026 at 07:16 AM UTC·Source: NIST NVD

Updated: Thursday, April 9, 2026 at 07:17 AM UTC

Executive Summary

A vulnerability was detected in Totolink A7100RU 7.4cu.2313_b20191024. Affected by this issue is the function setWiFiEasyCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Performing a manipulation of the argument merge results in os command injection. It is possible to initiate the attack remotely. The exploit is now public and may be used.

Analysis

Indicators of Compromise (1)

CVE (1)

CVE-2026-5854

NVD MITRE CVE

Source Attribution

Originally published by NIST NVD on Apr 9, 2026. Verified by: NIST.

Related Threats

MEDIUMVulnerabilityNEW

Snap Finance appoints three seasoned bankers to leadership team

Snap Finance UK (Snap) has announced three senior appointments to its business development team, reinforcing the company’s commitment to expanding its retail and lending partner network to provide inclusive finance solutions across the UK.

Just nowFinextra

MEDIUMVulnerabilityNEW

Raiffeisen Bank reaffirms long-standing commitment to Finastra core

Finastra, a global leader in financial services software, today announced that Raiffeisen Bank Hungary, a subsidiary of Raiffeisen Bank International, has reaffirmed its long-standing commitment to using Finastra technology to power its core retail banking in region.

Just nowFinextra

MEDIUMVulnerabilityNEW

Revolut rolls out AI assistant for money management

Revolut has launched a new AI assistant to help customers with money management tasks, enabling users to get instant spending insights, check investments, manage subscriptions or plan a trip all through a single in-app conversation

Just nowFinextra