Lucene search
K

69 matches found

Vulnrichment
Vulnrichment
added 2026/04/23 12:0 a.m.6 views

CVE-2026-31175

An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557B20221024 allowing attackers to execute arbitrary commands via the stunEnable parameter to /cgi-bin/cstecgi.cgi...

6.1AI score0.00578EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/04/23 12:0 a.m.4 views

CVE-2026-31177

An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557B20221024 allowing attackers to execute arbitrary commands via the stunMinAlive parameter to /cgi-bin/cstecgi.cgi...

9.8CVSS6.1AI score0.00599EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/04/23 12:0 a.m.10 views

TOTOLINK A3300R 命令注入漏洞

TOTOLINK A3300R is a wireless router from China's Gion Electronics TOTOLINK. A command injection vulnerability exists in the TOTOLINK A3300R password parameter, which can be exploited by an attacker to execute arbitrary commands by sending malicious data to the password parameter of...

6.5CVSS6AI score0.00279EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/04/23 12:0 a.m.4 views

CVE-2026-31181

An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557B20221024 allowing attackers to execute arbitrary commands via the stunServerAddr parameter to /cgi-bin/cstecgi.cgi...

9.8CVSS6.1AI score0.00578EPSS
Exploits1References2
CVE
CVE
added 2026/04/23 12:0 a.m.16 views

CVE-2026-31176

ToToLink A3300R firmware v17.0.0cu.557_B20221024 is affected by CVE-2026-31176 where an attacker can execute arbitrary commands by sending a crafted stun-user parameter to /cgi-bin/cstecgi.cgi. The CVSS v3.1 base score is 6.5 (Medium) with network attack vector, no privileges required, and no use...

6.5CVSS6.1AI score0.00279EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2026/04/23 12:0 a.m.11 views

TOTOLINK A3300R 命令注入漏洞

ToToLink A3300R is a router product that provides network connectivity and data transfer. The ToToLink A3300R suffers from a command injection vulnerability that stems from failing to properly validate the input of the url parameter of /cgi-bin/cstecgi.cgi, which can be exploited by an attacker t...

6.5CVSS6.1AI score0.00279EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/04/23 12:0 a.m.6 views

CVE-2026-31159

An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557B20221024 allowing attackers to execute arbitrary commands via the password parameter to /cgi-bin/cstecgi.cgi...

6.1AI score0.00279EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/04/23 12:0 a.m.9 views

PT-2026-34673

An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557 B20221024 allowing attackers to execute arbitrary commands via the pppoeServiceName parameter to /cgi-bin/cstecgi.cgi...

6.5CVSS6.1AI score0.00279EPSS
Exploits1References2
NVD
NVD
added 2026/04/13 1:16 a.m.7 views

CVE-2026-6139

A vulnerability has been found in Totolink A7100RU 7.4cu.2313b20191024. This affects the function UploadOpenVpnCert of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument FileName leads to os command injection. The attack can be launched remotely. The...

10CVSS0.01823EPSS
Exploits0References5
EUVD
EUVD
added 2026/04/13 12:30 a.m.8 views

EUVD-2026-21749

A vulnerability was determined in Totolink A7100RU 7.4cu.2313b20191024. Affected by this issue is the function setLedCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. This manipulation of the argument enable causes os command injection. Remote exploitation of the attack is...

10CVSS5.5AI score0.02175EPSS
Exploits0References6
EUVD
EUVD
added 2026/04/13 12:15 a.m.7 views

EUVD-2026-21764

A vulnerability has been found in Totolink A7100RU 7.4cu.2313b20191024. This affects the function UploadOpenVpnCert of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument FileName leads to os command injection. The attack can be launched remotely. The...

10CVSS7AI score0.01823EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/04/12 3:0 a.m.38 views

CVE-2026-6113 Totolink A7100RU CGI cstecgi.cgi setTtyServiceCfg os command injection

A security vulnerability has been detected in Totolink A7100RU 7.4cu.2313b20191024. Affected by this vulnerability is the function setTtyServiceCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument ttyEnable leads to os command injection. The attack...

10CVSS0.01803EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/04/09 12:0 a.m.1 views

CVE-2026-31170

An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557B20221024 allowing attackers to execute arbitrary commands via the stun-pass parameter to /cgi-bin/cstecgi.cgi...

6.1AI score0.00573EPSS
Exploits1References2
NVD
NVD
added 2026/04/06 11:16 p.m.5 views

CVE-2026-5691

A vulnerability has been found in Totolink A7100RU 7.4cu.2313b20191024. This affects the function setFirewallType of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument firewallType leads to os command injection. The attack is possible to be carried out remotely. The exploit has been...

7.5CVSS0.01167EPSS
Exploits0References5
EUVD
EUVD
added 2026/04/06 9:31 p.m.9 views

EUVD-2026-19436

A security flaw has been discovered in Totolink A7100RU 7.4cu.2313b20191024. Impacted is the function CsteSystem of the file /cgi-bin/cstecgi.cgi. Performing a manipulation of the argument resetFlags results in os command injection. The attack may be initiated remotely. The exploit has been...

7.5CVSS6.8AI score0.0114EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/01/30 9:23 p.m.11 views

CVE-2026-1601

A weakness has been identified in Totolink A7000R 4.1cu.4154. The impacted element is the function setUploadUserData of the file /cgi-bin/cstecgi.cgi. Executing a manipulation of the argument FileName can lead to command injection. The attack can be launched remotely. The exploit has been made...

6.5CVSS5.7AI score0.01936EPSS
Exploits1References1
OSV
OSV
added 2026/01/29 9:15 p.m.5 views

CVE-2026-1623

A weakness has been identified in Totolink A7000R 4.1cu.4154. Impacted is the function setUpgradeFW of the file /cgi-bin/cstecgi.cgi. This manipulation of the argument FileName causes command injection. The attack can be initiated remotely. The exploit has been made available to the public and...

5.3CVSS5.7AI score0.0218EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 2026/01/20 2:20 p.m.6 views

CVE-2026-1157

A vulnerability was identified in Totolink LR350 9.3.5u.6369B20220309. This affects the function setWiFiEasyCfg of the file /cgi-bin/cstecgi.cgi. Such manipulation of the argument ssid leads to buffer overflow. It is possible to launch the attack remotely. The exploit is publicly available and...

9CVSS8.6AI score0.00885EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/01/19 12:0 a.m.9 views

TOTOLINK LR350 security vulnerabilities

TOTOLINK LR350 is a wireless router produced by TOTOLINK Corporation. The TOTOLINK LR350 9.3.5u.6369B20220309 version contains a security vulnerability. This vulnerability stems from incorrect handling of the parameter “ssid” in the file /cgi-bin/cstecgi.cgi, which may lead to a buffer overflow...

9CVSS7.7AI score0.00794EPSS
Exploits1References5
OSV
OSV
added 2025/10/27 7:15 a.m.5 views

CVE-2025-12239

A weakness has been identified in TOTOLINK A3300R 17.0.0cu.557B20221024. The impacted element is the function setDdnsCfg of the file /cgi-bin/cstecgi.cgi. Executing manipulation can lead to buffer overflow. The attack may be performed from remote. The exploit has been made available to the public...

9.8CVSS6.2AI score0.00753EPSS
Exploits1References5
Rows per page
Query Builder