### Vulnerability Overview

- **Vulnerability ID**: #803265
- **Vulnerability Name**: Totolink A8000RU 7.1cu.643_b20200521 Command Injection
- **Vulnerability Description**: A pre-authentication operating system command injection vulnerability exists in the web management interface of the Totolink A8000RU 7.1cu.643_b20200521 router. The vulnerability is located in the `setOpenVpnClientCfg` function, exposed via `/cgi-bin/cstecgi.cgi`. The CGI handler retrieves user-controlled input from HTTP parameters and directly concatenates it into a shell command string, which is then executed using `system()`, without any sanitization or escaping. Consequently, a remote attacker with network access can inject arbitrary shell commands through the web interface and execute them with root privileges on the device without authentication. This leads to full control of the router and may further impact the connected network.

### Affected Scope

- **Affected Device**: Totolink A8000RU 7.1cu.643_b20200521
- **Impact Level**: High (can lead to full device control)

### Remediation

- **Current Status**: Accepted
- **Submission Date**: April 13, 2026
- **Review Date**: April 27, 2026

### POC Code

```plaintext
https://github.com/Litemgcheng/vuldb_new2/blob/main/A8000RU/vul_803265/README.md
```

### Additional Information

- **User**: LzxHua2 (UID 95662)
- **Points**: 20
- **VulDB Entry**: 359849 [Totolink A8000RU 7.1cu.643_b20200521 CGI /cgi-bin/cstecgi.cgi setOpenVpnClientCfg enabled os command injection]