CRITICALVulnerability
Verified
Global

NVD CRITICAL: CVE-2026-6139 — A vulnerability has been found in Totolink A7100RU 7.4cu.2313_b20191024. This af...

·Source: NIST NVD

Updated:

Executive Summary

A vulnerability has been found in Totolink A7100RU 7.4cu.2313_b20191024. This affects the function UploadOpenVpnCert of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument FileName leads to os command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Analysis

A vulnerability has been found in Totolink A7100RU 7.4cu.2313_b20191024. This affects the function UploadOpenVpnCert of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument FileName leads to os command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. CVSS Score: 9.8. Published: 2026-04-13T01:16:35.500.

Indicators of Compromise (1)

CVE (1)
CVE-2026-6139
NVDMITRE CVE
Source Attribution

Originally published by NIST NVD on Apr 13, 2026. Verified by: NIST.

Related Threats

MEDIUMVulnerabilityNEW

Bipartisan AI Bill Targets Frontier Labs and State Regulators

<img src="https://ismg-cdn.nyc3.cdn.digitaloceanspaces.com/articles/bipartisan-ai-bill-targets-frontier-labs-state-regulators-image_small-1-a-31903.jpg" align=right hspace=4><b>House Draft Targets Frontier Labs with Audits While Blocking State AI Laws</b><br>A House discussion draft would impose safety mandates and independent audits on the country's most powerful AI developers, but the fight over

Bank Info Security
MEDIUMVulnerabilityNEW

Passengers Seek Full Appeals Court Review in CrowdStrike Case

<img src="https://ismg-cdn.nyc3.cdn.digitaloceanspaces.com/articles/passengers-seek-full-appeals-court-review-in-crowdstrike-case-image_small-9-a-31902.jpg" align=right hspace=4><b>Appeal Faces Steep Statistical Odds Given Previous Court Rulings</b><br>Passengers affected by the July 2024 CrowdStrike outage are making a longshot bid to get their case reheard en banc, arguing that claims tied to th

Bank Info Security
CRITICALVulnerabilityNEW

What Trump's AI Executive Order Means for Healthcare Sector

<img src="https://ismg-cdn.nyc3.cdn.digitaloceanspaces.com/articles/what-trumps-ai-executive-order-means-for-healthcare-sector-image_small-7-a-31901.jpg" align=right hspace=4><b>Experts: If Implemented Effectively, Directive Could Help Health Organizations</b><br>Although President Donald Trump's executive order this week on artificial intelligence barely mentions healthcare, some experts said the

Bank Info Security