CVE-2026-6132: OS Command Injection in Totolink A7100RU This vulnerability affects the Totolink A7100RU router firmware 7.4cu.2313_b20191024. The issue lies in the setLedCfg function of the CGI handler (/cgi-bin/cstecgi.cgi), where manipulation of the 'enable' argument leads to OS command inject

CRITICAL OS command injection in Totolink A7100RU (7.4cu.2313_b20191024). Remote, unauthenticated exploit risk. No patch — restrict access & monitor devices. More info: radar.offseq.com/threat/cve-2026-6132-os-... #OffSeq #CVE20266132 #IoTSecurity